Package : imagemagick
Version : 8:6.7.7.10-5+deb7u11
CVE ID : CVE-2016-10144 CVE-2016-10145 CVE-2016-10146 CVE-2017-5506
CVE-2017-5507 CVE-2017-5508 CVE-2017-5510 CVE-2017-5511
Debian Bug : #851485, #851483, #851380, #851383, #851382, #851381, #851376, #851374
Numerous vulnerabilities were discovered in ImageMagick, an image
manipulation program. Issues include memory leaks, out of bound reads
and missing checks.
This update also includes an update of the fix for CVE-2016-8677 which
was incomplete in the previous version.
For Debian 7 "Wheezy", these problems have been fixed in version
8:6.7.7.10-5+deb7u11.
We recommend that you upgrade your imagemagick packages.
Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
Attachment:
signature.asc
Description: PGP signature
{"osv": [{"lastseen": "2022-08-05T05:20:23", "description": "\nNumerous vulnerabilities were discovered in ImageMagick, an image\nmanipulation program. Issues include memory leaks, out of bound reads\nand missing checks.\n\n\nThis update also includes an update of the fix for [CVE-2016-8677](https://security-tracker.debian.org/tracker/CVE-2016-8677) which\nwas incomplete in the previous version.\n\n\nFor Debian 7 Wheezy, these problems have been fixed in version\n8:6.7.7.10-5+deb7u11.\n\n\nWe recommend that you upgrade your imagemagick packages.\n\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: <https://wiki.debian.org/LTS>\n\n\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-01-30T00:00:00", "type": "osv", "title": "imagemagick - security update", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-5506", "CVE-2016-10144", "CVE-2016-10145", "CVE-2016-10146", "CVE-2017-5508", "CVE-2017-5510", "CVE-2016-8677", "CVE-2017-5511", "CVE-2017-5507"], "modified": "2022-08-05T05:20:03", "id": "OSV:DLA-807-1", "href": "https://osv.dev/vulnerability/DLA-807-1", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2022-08-10T07:11:18", "description": "\nThis update fixes several vulnerabilities in imagemagick: Various\nmemory handling problems and cases of missing or incomplete input\nsanitising may result in denial of service or the execution of arbitrary\ncode if malformed TIFF, WPG, IPL, MPC or PSB files are processed.\n\n\nFor the stable distribution (jessie), these problems have been fixed in\nversion 8:6.8.9.9-5+deb8u7.\n\n\nFor the testing distribution (stretch), these problems have been fixed\nin version 8:6.9.7.4+dfsg-1.\n\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 8:6.9.7.4+dfsg-1.\n\n\nWe recommend that you upgrade your imagemagick packages.\n\n\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-03-01T00:00:00", "type": "osv", "title": "imagemagick - security update", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-8707", "CVE-2017-5506", "CVE-2016-10144", "CVE-2016-10062", "CVE-2016-10145", "CVE-2016-10146", "CVE-2017-5508", "CVE-2017-5510", "CVE-2017-5511", "CVE-2017-5507"], "modified": "2022-08-10T07:11:15", "id": "OSV:DSA-3799-1", "href": "https://osv.dev/vulnerability/DSA-3799-1", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2022-08-10T07:09:59", "description": "\nSeveral issues have been discovered in ImageMagick, a popular set of\nprograms and libraries for image manipulation. These issues include\nseveral problems in memory handling that can result in a denial of\nservice attack or in execution of arbitrary code by an attacker with\ncontrol on the image input.\n\n\nFor the stable distribution (jessie), these problems have been fixed in\nversion 8:6.8.9.9-5+deb8u6.\n\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 8:6.9.6.5+dfsg-1.\n\n\nWe recommend that you upgrade your imagemagick packages.\n\n\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2016-11-26T00:00:00", "type": "osv", "title": "imagemagick - security update", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-7799", "CVE-2016-10066", "CVE-2016-10071", "CVE-2016-10061", "CVE-2016-10067", "CVE-2016-10064", "CVE-2016-10068", "CVE-2016-10063", "CVE-2016-10059", "CVE-2016-7906", "CVE-2016-8677", "CVE-2016-9556", "CVE-2016-10065", "CVE-2016-8862", "CVE-2016-10070", "CVE-2016-9559", "CVE-2016-10069"], "modified": "2022-08-10T07:09:54", "id": "OSV:DSA-3726-1", "href": "https://osv.dev/vulnerability/DSA-3726-1", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-07-21T08:12:33", "description": "\nNumerous vulnerabilities were discovered in ImageMagick, an image\nmanipulation program. Issues include memory exception, heap, buffer\nand stack overflows, out of bound reads and missing checks.\n\n\nFor Debian 7 Wheezy, these problems have been fixed in version\n8:6.7.7.10-5+deb7u10.\n\n\nThe exact impact of the vulnerabilities is unknown, as they were\nmostly discovered through fuzzing. We still recommend that you upgrade\nyour imagemagick packages.\n\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: <https://wiki.debian.org/LTS>\n\n\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2016-12-22T00:00:00", "type": "osv", "title": "imagemagick - security update", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-7799", "CVE-2016-8707", "CVE-2016-10066", "CVE-2016-10071", "CVE-2016-10061", "CVE-2016-10067", "CVE-2016-8866", "CVE-2016-10064", "CVE-2016-10068", "CVE-2016-10063", "CVE-2016-10060", "CVE-2016-10059", "CVE-2016-8677", "CVE-2016-9556", "CVE-2016-10065", "CVE-2016-8862", "CVE-2016-10070", "CVE-2016-9559", "CVE-2016-10069"], "modified": "2022-07-21T05:54:48", "id": "OSV:DLA-756-1", "href": "https://osv.dev/vulnerability/DLA-756-1", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "nessus": [{"lastseen": "2023-05-18T14:08:49", "description": "Numerous vulnerabilities were discovered in ImageMagick, an image manipulation program. Issues include memory leaks, out of bound reads and missing checks.\n\nThis update also includes an update of the fix for CVE-2016-8677 which was incomplete in the previous version.\n\nFor Debian 7 'Wheezy', these problems have been fixed in version 8:6.7.7.10-5+deb7u11.\n\nWe recommend that you upgrade your imagemagick packages.\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2017-01-31T00:00:00", "type": "nessus", "title": "Debian DLA-807-1 : imagemagick security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-10144", "CVE-2016-10145", "CVE-2016-10146", "CVE-2016-8677", "CVE-2017-5506", "CVE-2017-5507", "CVE-2017-5508", "CVE-2017-5510", "CVE-2017-5511"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:imagemagick", "p-cpe:/a:debian:debian_linux:imagemagick-common", "p-cpe:/a:debian:debian_linux:imagemagick-dbg", "p-cpe:/a:debian:debian_linux:imagemagick-doc", "p-cpe:/a:debian:debian_linux:libmagick%2b%2b-dev", "p-cpe:/a:debian:debian_linux:libmagick%2b%2b5", "p-cpe:/a:debian:debian_linux:libmagickcore-dev", "p-cpe:/a:debian:debian_linux:libmagickcore5", "p-cpe:/a:debian:debian_linux:libmagickcore5-extra", "p-cpe:/a:debian:debian_linux:libmagickwand-dev", "p-cpe:/a:debian:debian_linux:libmagickwand5", "p-cpe:/a:debian:debian_linux:perlmagick", "cpe:/o:debian:debian_linux:7.0"], "id": "DEBIAN_DLA-807.NASL", "href": "https://www.tenable.com/plugins/nessus/96882", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-807-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(96882);\n script_version(\"3.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2016-10144\", \"CVE-2016-10145\", \"CVE-2016-10146\", \"CVE-2017-5506\", \"CVE-2017-5507\", \"CVE-2017-5508\", \"CVE-2017-5510\", \"CVE-2017-5511\");\n\n script_name(english:\"Debian DLA-807-1 : imagemagick security update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Numerous vulnerabilities were discovered in ImageMagick, an image\nmanipulation program. Issues include memory leaks, out of bound reads\nand missing checks.\n\nThis update also includes an update of the fix for CVE-2016-8677 which\nwas incomplete in the previous version.\n\nFor Debian 7 'Wheezy', these problems have been fixed in version\n8:6.7.7.10-5+deb7u11.\n\nWe recommend that you upgrade your imagemagick packages.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2017/01/msg00043.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/wheezy/imagemagick\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:imagemagick\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:imagemagick-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:imagemagick-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:imagemagick-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libmagick++-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libmagick++5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libmagickcore-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libmagickcore5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libmagickcore5-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libmagickwand-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libmagickwand5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:perlmagick\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:7.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/01/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/01/31\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"7.0\", prefix:\"imagemagick\", reference:\"8:6.7.7.10-5+deb7u11\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"imagemagick-common\", reference:\"8:6.7.7.10-5+deb7u11\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"imagemagick-dbg\", reference:\"8:6.7.7.10-5+deb7u11\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"imagemagick-doc\", reference:\"8:6.7.7.10-5+deb7u11\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libmagick++-dev\", reference:\"8:6.7.7.10-5+deb7u11\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libmagick++5\", reference:\"8:6.7.7.10-5+deb7u11\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libmagickcore-dev\", reference:\"8:6.7.7.10-5+deb7u11\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libmagickcore5\", reference:\"8:6.7.7.10-5+deb7u11\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libmagickcore5-extra\", reference:\"8:6.7.7.10-5+deb7u11\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libmagickwand-dev\", reference:\"8:6.7.7.10-5+deb7u11\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libmagickwand5\", reference:\"8:6.7.7.10-5+deb7u11\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"perlmagick\", reference:\"8:6.7.7.10-5+deb7u11\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:10:35", "description": "This update fixes several vulnerabilities in imagemagick: Various memory handling problems and cases of missing or incomplete input sanitising may result in denial of service or the execution of arbitrary code if malformed TIFF, WPG, IPL, MPC or PSB files are processed.", "cvss3": {}, "published": "2017-03-02T00:00:00", "type": "nessus", "title": "Debian DSA-3799-1 : imagemagick - security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-10062", "CVE-2016-10144", "CVE-2016-10145", "CVE-2016-10146", "CVE-2016-8707", "CVE-2017-5506", "CVE-2017-5507", "CVE-2017-5508", "CVE-2017-5510", "CVE-2017-5511"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:imagemagick", "cpe:/o:debian:debian_linux:8.0"], "id": "DEBIAN_DSA-3799.NASL", "href": "https://www.tenable.com/plugins/nessus/97475", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-3799. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(97475);\n script_version(\"3.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2016-10062\", \"CVE-2016-10144\", \"CVE-2016-10145\", \"CVE-2016-10146\", \"CVE-2016-8707\", \"CVE-2017-5506\", \"CVE-2017-5507\", \"CVE-2017-5508\", \"CVE-2017-5510\", \"CVE-2017-5511\");\n script_xref(name:\"DSA\", value:\"3799\");\n\n script_name(english:\"Debian DSA-3799-1 : imagemagick - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes several vulnerabilities in imagemagick: Various\nmemory handling problems and cases of missing or incomplete input\nsanitising may result in denial of service or the execution of\narbitrary code if malformed TIFF, WPG, IPL, MPC or PSB files are\nprocessed.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=851485\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=851483\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=851380\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=848139\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=851383\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=851382\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=851381\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/jessie/imagemagick\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2017/dsa-3799\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the imagemagick packages.\n\nFor the stable distribution (jessie), these problems have been fixed\nin version 8:6.8.9.9-5+deb8u7.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:imagemagick\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/03/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/03/02\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"8.0\", prefix:\"imagemagick\", reference:\"8:6.8.9.9-5+deb8u7\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"imagemagick-6.q16\", reference:\"8:6.8.9.9-5+deb8u7\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"imagemagick-common\", reference:\"8:6.8.9.9-5+deb8u7\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"imagemagick-dbg\", reference:\"8:6.8.9.9-5+deb8u7\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"imagemagick-doc\", reference:\"8:6.8.9.9-5+deb8u7\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libimage-magick-perl\", reference:\"8:6.8.9.9-5+deb8u7\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libimage-magick-q16-perl\", reference:\"8:6.8.9.9-5+deb8u7\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libmagick++-6-headers\", reference:\"8:6.8.9.9-5+deb8u7\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libmagick++-6.q16-5\", reference:\"8:6.8.9.9-5+deb8u7\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libmagick++-6.q16-dev\", reference:\"8:6.8.9.9-5+deb8u7\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libmagick++-dev\", reference:\"8:6.8.9.9-5+deb8u7\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libmagickcore-6-arch-config\", reference:\"8:6.8.9.9-5+deb8u7\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libmagickcore-6-headers\", reference:\"8:6.8.9.9-5+deb8u7\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libmagickcore-6.q16-2\", reference:\"8:6.8.9.9-5+deb8u7\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libmagickcore-6.q16-2-extra\", reference:\"8:6.8.9.9-5+deb8u7\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libmagickcore-6.q16-dev\", reference:\"8:6.8.9.9-5+deb8u7\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libmagickcore-dev\", reference:\"8:6.8.9.9-5+deb8u7\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libmagickwand-6-headers\", reference:\"8:6.8.9.9-5+deb8u7\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libmagickwand-6.q16-2\", reference:\"8:6.8.9.9-5+deb8u7\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libmagickwand-6.q16-dev\", reference:\"8:6.8.9.9-5+deb8u7\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libmagickwand-dev\", reference:\"8:6.8.9.9-5+deb8u7\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"perlmagick\", reference:\"8:6.8.9.9-5+deb8u7\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:09:18", "description": "The remote host is affected by the vulnerability described in GLSA-201702-09 (ImageMagick: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in ImageMagick. Please review the CVE identifiers referenced below for details.\n Impact :\n\n A remote attacker, by enticing a user to process a specially crafted image file, could execute arbitrary code with the privileges of the process or cause a Denial of Service condition.\n Workaround :\n\n There is no known workaround at this time.", "cvss3": {}, "published": "2017-02-21T00:00:00", "type": "nessus", "title": "GLSA-201702-09 : ImageMagick: Multiple vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-10144", "CVE-2016-10145", "CVE-2016-10146", "CVE-2016-9298", "CVE-2017-5506", "CVE-2017-5507", "CVE-2017-5508", "CVE-2017-5509", "CVE-2017-5510", "CVE-2017-5511"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:imagemagick", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-201702-09.NASL", "href": "https://www.tenable.com/plugins/nessus/97252", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 201702-09.\n#\n# The advisory text is Copyright (C) 2001-2018 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(97252);\n script_version(\"3.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2016-10144\", \"CVE-2016-10145\", \"CVE-2016-10146\", \"CVE-2016-9298\", \"CVE-2017-5506\", \"CVE-2017-5507\", \"CVE-2017-5508\", \"CVE-2017-5509\", \"CVE-2017-5510\", \"CVE-2017-5511\");\n script_xref(name:\"GLSA\", value:\"201702-09\");\n\n script_name(english:\"GLSA-201702-09 : ImageMagick: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-201702-09\n(ImageMagick: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in ImageMagick. Please\n review the CVE identifiers referenced below for details.\n \nImpact :\n\n A remote attacker, by enticing a user to process a specially crafted\n image file, could execute arbitrary code with the privileges of the\n process or cause a Denial of Service condition.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/201702-09\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All ImageMagick users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=media-gfx/imagemagick-6.9.7.4'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:imagemagick\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/02/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/02/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"media-gfx/imagemagick\", unaffected:make_list(\"ge 6.9.7.4\"), vulnerable:make_list(\"lt 6.9.7.4\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ImageMagick\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-19T14:18:51", "description": "It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service or possibly execute code with the privileges of the user invoking the program.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2017-03-09T00:00:00", "type": "nessus", "title": "Ubuntu 12.04 LTS / 14.04 LTS / 16.04 LTS / 16.10 : imagemagick vulnerabilities (USN-3222-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-10062", "CVE-2016-10144", "CVE-2016-10145", "CVE-2016-10146", "CVE-2016-8707", "CVE-2017-5506", "CVE-2017-5507", "CVE-2017-5508", "CVE-2017-5510", "CVE-2017-5511"], "modified": "2023-01-12T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:imagemagick", "p-cpe:/a:canonical:ubuntu_linux:imagemagick-6.q16", "p-cpe:/a:canonical:ubuntu_linux:libmagick%2b%2b-6.q16-5v5", "p-cpe:/a:canonical:ubuntu_linux:libmagick%2b%2b4", "p-cpe:/a:canonical:ubuntu_linux:libmagick%2b%2b5", "p-cpe:/a:canonical:ubuntu_linux:libmagickcore-6.q16-2", "p-cpe:/a:canonical:ubuntu_linux:libmagickcore-6.q16-2-extra", "p-cpe:/a:canonical:ubuntu_linux:libmagickcore4", "p-cpe:/a:canonical:ubuntu_linux:libmagickcore4-extra", "p-cpe:/a:canonical:ubuntu_linux:libmagickcore5", "p-cpe:/a:canonical:ubuntu_linux:libmagickcore5-extra", "cpe:/o:canonical:ubuntu_linux:12.04:-:lts", "cpe:/o:canonical:ubuntu_linux:14.04", "cpe:/o:canonical:ubuntu_linux:16.04", "cpe:/o:canonical:ubuntu_linux:16.10"], "id": "UBUNTU_USN-3222-1.NASL", "href": "https://www.tenable.com/plugins/nessus/97634", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-3222-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(97634);\n script_version(\"3.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/12\");\n\n script_cve_id(\"CVE-2016-10062\", \"CVE-2016-10144\", \"CVE-2016-10145\", \"CVE-2016-10146\", \"CVE-2016-8707\", \"CVE-2017-5506\", \"CVE-2017-5507\", \"CVE-2017-5508\", \"CVE-2017-5510\", \"CVE-2017-5511\");\n script_xref(name:\"USN\", value:\"3222-1\");\n\n script_name(english:\"Ubuntu 12.04 LTS / 14.04 LTS / 16.04 LTS / 16.10 : imagemagick vulnerabilities (USN-3222-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"It was discovered that ImageMagick incorrectly handled certain\nmalformed image files. If a user or automated system using ImageMagick\nwere tricked into opening a specially crafted image, an attacker could\nexploit this to cause a denial of service or possibly execute code\nwith the privileges of the user invoking the program.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/3222-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:imagemagick\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:imagemagick-6.q16\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libmagick++-6.q16-5v5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libmagick++4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libmagick++5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libmagickcore-6.q16-2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libmagickcore-6.q16-2-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libmagickcore4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libmagickcore4-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libmagickcore5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libmagickcore5-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/12/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/03/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/03/09\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2017-2023 Canonical, Inc. / NASL script (C) 2017-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nvar release = chomp(release);\nif (! preg(pattern:\"^(12\\.04|14\\.04|16\\.04|16\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 12.04 / 14.04 / 16.04 / 16.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nvar flag = 0;\n\nif (ubuntu_check(osver:\"12.04\", pkgname:\"imagemagick\", pkgver:\"8:6.6.9.7-5ubuntu3.8\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"libmagick++4\", pkgver:\"8:6.6.9.7-5ubuntu3.8\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"libmagickcore4\", pkgver:\"8:6.6.9.7-5ubuntu3.8\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"libmagickcore4-extra\", pkgver:\"8:6.6.9.7-5ubuntu3.8\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"imagemagick\", pkgver:\"8:6.7.7.10-6ubuntu3.5\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"libmagick++5\", pkgver:\"8:6.7.7.10-6ubuntu3.5\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"libmagickcore5\", pkgver:\"8:6.7.7.10-6ubuntu3.5\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"libmagickcore5-extra\", pkgver:\"8:6.7.7.10-6ubuntu3.5\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"imagemagick\", pkgver:\"8:6.8.9.9-7ubuntu5.5\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"imagemagick-6.q16\", pkgver:\"8:6.8.9.9-7ubuntu5.5\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"libmagick++-6.q16-5v5\", pkgver:\"8:6.8.9.9-7ubuntu5.5\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"libmagickcore-6.q16-2\", pkgver:\"8:6.8.9.9-7ubuntu5.5\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"libmagickcore-6.q16-2-extra\", pkgver:\"8:6.8.9.9-7ubuntu5.5\")) flag++;\nif (ubuntu_check(osver:\"16.10\", pkgname:\"imagemagick\", pkgver:\"8:6.8.9.9-7ubuntu8.4\")) flag++;\nif (ubuntu_check(osver:\"16.10\", pkgname:\"imagemagick-6.q16\", pkgver:\"8:6.8.9.9-7ubuntu8.4\")) flag++;\nif (ubuntu_check(osver:\"16.10\", pkgname:\"libmagick++-6.q16-5v5\", pkgver:\"8:6.8.9.9-7ubuntu8.4\")) flag++;\nif (ubuntu_check(osver:\"16.10\", pkgname:\"libmagickcore-6.q16-2\", pkgver:\"8:6.8.9.9-7ubuntu8.4\")) flag++;\nif (ubuntu_check(osver:\"16.10\", pkgname:\"libmagickcore-6.q16-2-extra\", pkgver:\"8:6.8.9.9-7ubuntu8.4\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"imagemagick / imagemagick-6.q16 / libmagick++-6.q16-5v5 / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-19T14:18:48", "description": "This update for ImageMagick fixes the following issues :\n\n - CVE-2016-10046: Prevent buffer overflow in draw.c caused by an incorrect length calculation (bsc#1017308)\n\n - CVE-2016-10048: Arbitrary module could have been load because relative path were not escaped (bsc#1017310)\n\n - CVE-2016-10049: Corrupt RLE files could have overflowed a buffer due to a incorrect length calculation (bsc#1017311)\n\n - CVE-2016-10050: Corrupt RLE files could have overflowed a heap buffer due to a missing offset check (bsc#1017312)\n\n - CVE-2016-10051: Fixed use after free when reading PWP files (bsc#1017313)\n\n - CVE-2016-10052: Added bound check to exif parsing of JPEG files (bsc#1017314).\n\n - CVE-2016-10059: Unchecked calculation when reading TIFF files could have lead to a buffer overflow (bsc#1017318)\n\n - CVE-2016-10060: Improved error handling when writing files to not mask errors (bsc#1017319).\n\n - CVE-2016-10063: Check validity of extend during TIFF file reading (bsc#1017320).\n\n - CVE-2016-10064: Improved checks for buffer overflow when reading TIFF files (bsc#1017321)\n\n - CVE-2016-10065: Unchecked calculations when reading VIFF files could have lead to out of bound reads (bsc#1017322)\n\n - CVE-2016-10068: Prevent NULL pointer access when using the MSL interpreter (bsc#1017324)\n\n - CVE-2016-10070: Prevent allocating the wrong amount of memory when reading mat files (bsc#1017326)\n\n - CVE-2016-10071: Prevent allocating the wrong amount of memory when reading mat files (bsc#1017326).\n\n - CVE-2016-10144: Added a check after allocating memory when parsing IPL files (bsc#1020433).\n\n - CVE-2016-10145: Fixed of-by-one in string copy operation when parsing WPG files (bsc#1020435).\n\n - CVE-2016-10146: Captions and labels were handled incorrectly, causing a memory leak that could have lead to DoS (bsc#1020443)\n\n - CVE-2017-5506: Missing offset check leading to a double-free (bsc#1020436).\n\n - CVE-2017-5507: Fixed a memory leak when reading MPC files allowing for DoS (bsc#1020439).\n\n - CVE-2017-5508: Increase the amount of memory allocated for TIFF pixels to prevent a heap buffer-overflow (bsc#1020441).\n\n - CVE-2017-5511: A missing cast when reading PSD files could have caused memory corruption by a heap overflow (bsc#1020448) This update removes the fix for CVE-2016-9773. ImageMagick-6 was not affected by CVE-2016-9773 and it caused a regression (at least in GraphicsMagick) (bsc#1017421).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2017-03-02T00:00:00", "type": "nessus", "title": "SUSE SLES11 Security Update : ImageMagick (SUSE-SU-2017:0586-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-10046", "CVE-2016-10048", "CVE-2016-10049", "CVE-2016-10050", "CVE-2016-10051", "CVE-2016-10052", "CVE-2016-10059", "CVE-2016-10060", "CVE-2016-10063", "CVE-2016-10064", "CVE-2016-10065", "CVE-2016-10068", "CVE-2016-10070", "CVE-2016-10071", "CVE-2016-10144", "CVE-2016-10145", "CVE-2016-10146", "CVE-2016-9773", "CVE-2017-5506", "CVE-2017-5507", "CVE-2017-5508", "CVE-2017-5511"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libmagickcore1", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_SU-2017-0586-1.NASL", "href": "https://www.tenable.com/plugins/nessus/97495", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2017:0586-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(97495);\n script_version(\"3.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2016-10046\", \"CVE-2016-10048\", \"CVE-2016-10049\", \"CVE-2016-10050\", \"CVE-2016-10051\", \"CVE-2016-10052\", \"CVE-2016-10059\", \"CVE-2016-10060\", \"CVE-2016-10063\", \"CVE-2016-10064\", \"CVE-2016-10065\", \"CVE-2016-10068\", \"CVE-2016-10070\", \"CVE-2016-10071\", \"CVE-2016-10144\", \"CVE-2016-10145\", \"CVE-2016-10146\", \"CVE-2016-9773\", \"CVE-2017-5506\", \"CVE-2017-5507\", \"CVE-2017-5508\", \"CVE-2017-5511\");\n\n script_name(english:\"SUSE SLES11 Security Update : ImageMagick (SUSE-SU-2017:0586-1)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for ImageMagick fixes the following issues :\n\n - CVE-2016-10046: Prevent buffer overflow in draw.c caused\n by an incorrect length calculation (bsc#1017308)\n\n - CVE-2016-10048: Arbitrary module could have been load\n because relative path were not escaped (bsc#1017310)\n\n - CVE-2016-10049: Corrupt RLE files could have overflowed\n a buffer due to a incorrect length calculation\n (bsc#1017311)\n\n - CVE-2016-10050: Corrupt RLE files could have overflowed\n a heap buffer due to a missing offset check\n (bsc#1017312)\n\n - CVE-2016-10051: Fixed use after free when reading PWP\n files (bsc#1017313)\n\n - CVE-2016-10052: Added bound check to exif parsing of\n JPEG files (bsc#1017314).\n\n - CVE-2016-10059: Unchecked calculation when reading TIFF\n files could have lead to a buffer overflow (bsc#1017318)\n\n - CVE-2016-10060: Improved error handling when writing\n files to not mask errors (bsc#1017319).\n\n - CVE-2016-10063: Check validity of extend during TIFF\n file reading (bsc#1017320).\n\n - CVE-2016-10064: Improved checks for buffer overflow when\n reading TIFF files (bsc#1017321)\n\n - CVE-2016-10065: Unchecked calculations when reading VIFF\n files could have lead to out of bound reads\n (bsc#1017322)\n\n - CVE-2016-10068: Prevent NULL pointer access when using\n the MSL interpreter (bsc#1017324)\n\n - CVE-2016-10070: Prevent allocating the wrong amount of\n memory when reading mat files (bsc#1017326)\n\n - CVE-2016-10071: Prevent allocating the wrong amount of\n memory when reading mat files (bsc#1017326).\n\n - CVE-2016-10144: Added a check after allocating memory\n when parsing IPL files (bsc#1020433).\n\n - CVE-2016-10145: Fixed of-by-one in string copy operation\n when parsing WPG files (bsc#1020435).\n\n - CVE-2016-10146: Captions and labels were handled\n incorrectly, causing a memory leak that could have lead\n to DoS (bsc#1020443)\n\n - CVE-2017-5506: Missing offset check leading to a\n double-free (bsc#1020436).\n\n - CVE-2017-5507: Fixed a memory leak when reading MPC\n files allowing for DoS (bsc#1020439).\n\n - CVE-2017-5508: Increase the amount of memory allocated\n for TIFF pixels to prevent a heap buffer-overflow\n (bsc#1020441).\n\n - CVE-2017-5511: A missing cast when reading PSD files\n could have caused memory corruption by a heap overflow\n (bsc#1020448) This update removes the fix for\n CVE-2016-9773. ImageMagick-6 was not affected by\n CVE-2016-9773 and it caused a regression (at least in\n GraphicsMagick) (bsc#1017421).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1017308\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1017310\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1017311\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1017312\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1017313\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1017314\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1017318\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1017319\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1017320\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1017321\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1017322\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1017324\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1017326\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1017421\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1020433\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1020435\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1020436\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1020439\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1020441\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1020443\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1020448\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-10046/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-10048/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-10049/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-10050/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-10051/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-10052/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-10059/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-10060/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-10063/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-10064/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-10065/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-10068/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-10070/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-10071/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-10144/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-10145/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-10146/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-5506/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-5507/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-5508/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-5511/\"\n );\n # https://www.suse.com/support/update/announcement/2017/suse-su-20170586-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?aba767dd\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Software Development Kit 11-SP4:zypper in -t\npatch sdksp4-ImageMagick-12998=1\n\nSUSE Linux Enterprise Server 11-SP4:zypper in -t patch\nslessp4-ImageMagick-12998=1\n\nSUSE Linux Enterprise Debuginfo 11-SP4:zypper in -t patch\ndbgsp4-ImageMagick-12998=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libMagickCore1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/02/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/03/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/03/02\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES11)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES11\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES11\" && (! preg(pattern:\"^(4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES11 SP4\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"x86_64\", reference:\"libMagickCore1-32bit-6.4.3.6-7.65.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"s390x\", reference:\"libMagickCore1-32bit-6.4.3.6-7.65.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"libMagickCore1-6.4.3.6-7.65.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ImageMagick\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:10:09", "description": "This update for ImageMagick fixes the following issues :\n\n - CVE-2016-10046: Prevent buffer overflow in draw.c caused by an incorrect length calculation (bsc#1017308)\n\n - CVE-2016-10048: Arbitrary module could have been load because relative path were not escaped (bsc#1017310)\n\n - CVE-2016-10049: Corrupt RLE files could have overflowed a buffer due to a incorrect length calculation (bsc#1017311)\n\n - CVE-2016-10050: Corrupt RLE files could have overflowed a heap buffer due to a missing offset check (bsc#1017312)\n\n - CVE-2016-10051: Fixed use after free when reading PWP files (bsc#1017313)\n\n - CVE-2016-10052: Added bound check to exif parsing of JPEG files (bsc#1017314)\n\n - CVE-2016-10059: Unchecked calculation when reading TIFF files could have lead to a buffer overflow (bsc#1017318)\n\n - CVE-2016-10060: Improved error handling when writing files to not mask errors (bsc#1017319)\n\n - CVE-2016-10061: Improved error handling when writing files to not mask errors (bsc#1017319).\n\n - CVE-2016-10062: Improved error handling when writing files to not mask errors (bsc#1017319).\n\n - CVE-2016-10063: Check validity of extend during TIFF file reading (bsc#1017320)\n\n - CVE-2016-10064: Improved checks for buffer overflow when reading TIFF files (bsc#1017321)\n\n - CVE-2016-10065: Unchecked calculations when reading VIFF files could have lead to out of bound reads (bsc#1017322)\n\n - CVE-2016-10068: Prevent NULL pointer access when using the MSL interpreter (bsc#1017324)\n\n - CVE-2016-10069: Add check for invalid mat file (bsc#1017325).\n\n - CVE-2016-10070: Prevent allocating the wrong amount of memory when reading mat files (bsc#1017326)\n\n - CVE-2016-10071: Prevent allocating the wrong amount of memory when reading mat files (bsc#1017326)\n\n - CVE-2016-10144: Added a check after allocating memory when parsing IPL files (bsc#1020433)\n\n - CVE-2016-10145: Fixed of-by-one in string copy operation when parsing WPG files (bsc#1020435)\n\n - CVE-2016-10146: Captions and labels were handled incorrectly, causing a memory leak that could have lead to DoS (bsc#1020443)\n\n - CVE-2017-5506: Missing offset check leading to a double-free (bsc#1020436)\n\n - CVE-2017-5507: Fixed a memory leak when reading MPC files allowing for DoS (bsc#1020439)\n\n - CVE-2017-5508: Increase the amount of memory allocated for TIFF pixels to prevent a heap buffer-overflow (bsc#1020441)\n\n - CVE-2017-5510: Prevent out-of-bounds write when reading PSD files (bsc#1020446).\n\n - CVE-2017-5511: A missing cast when reading PSD files could have caused memory corruption by a heap overflow (bsc#1020448)\n\nThis update removes the fix for CVE-2016-9773. ImageMagick-6 was not affected by CVE-2016-9773 and it caused a regression (at least in GraphicsMagick) (bsc#1017421).\n\nThis update was imported from the SUSE:SLE-12:Update update project.", "cvss3": {}, "published": "2017-03-07T00:00:00", "type": "nessus", "title": "openSUSE Security Update : ImageMagick (openSUSE-2017-303)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-10046", "CVE-2016-10048", "CVE-2016-10049", "CVE-2016-10050", "CVE-2016-10051", "CVE-2016-10052", "CVE-2016-10059", "CVE-2016-10060", "CVE-2016-10061", "CVE-2016-10062", "CVE-2016-10063", "CVE-2016-10064", "CVE-2016-10065", "CVE-2016-10068", "CVE-2016-10069", "CVE-2016-10070", "CVE-2016-10071", "CVE-2016-10144", "CVE-2016-10145", "CVE-2016-10146", "CVE-2016-9773", "CVE-2017-5506", "CVE-2017-5507", "CVE-2017-5508", "CVE-2017-5510", "CVE-2017-5511"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:imagemagick", "p-cpe:/a:novell:opensuse:imagemagick-debuginfo", "p-cpe:/a:novell:opensuse:imagemagick-debugsource", "p-cpe:/a:novell:opensuse:imagemagick-devel", "p-cpe:/a:novell:opensuse:imagemagick-devel-32bit", "p-cpe:/a:novell:opensuse:imagemagick-extra", "p-cpe:/a:novell:opensuse:imagemagick-extra-debuginfo", "p-cpe:/a:novell:opensuse:libmagick%2b%2b-6_q16-3", "p-cpe:/a:novell:opensuse:libmagick%2b%2b-6_q16-3-32bit", "p-cpe:/a:novell:opensuse:libmagick%2b%2b-6_q16-3-debuginfo", "p-cpe:/a:novell:opensuse:libmagick%2b%2b-6_q16-3-debuginfo-32bit", "p-cpe:/a:novell:opensuse:libmagick%2b%2b-devel", "p-cpe:/a:novell:opensuse:libmagick%2b%2b-devel-32bit", "p-cpe:/a:novell:opensuse:libmagickcore-6_q16-1", "p-cpe:/a:novell:opensuse:libmagickcore-6_q16-1-32bit", "p-cpe:/a:novell:opensuse:libmagickcore-6_q16-1-debuginfo", "p-cpe:/a:novell:opensuse:libmagickcore-6_q16-1-debuginfo-32bit", "p-cpe:/a:novell:opensuse:libmagickwand-6_q16-1", "p-cpe:/a:novell:opensuse:libmagickwand-6_q16-1-32bit", "p-cpe:/a:novell:opensuse:libmagickwand-6_q16-1-debuginfo", "p-cpe:/a:novell:opensuse:libmagickwand-6_q16-1-debuginfo-32bit", "p-cpe:/a:novell:opensuse:perl-perlmagick", "p-cpe:/a:novell:opensuse:perl-perlmagick-debuginfo", "cpe:/o:novell:opensuse:42.1", "cpe:/o:novell:opensuse:42.2"], "id": "OPENSUSE-2017-303.NASL", "href": "https://www.tenable.com/plugins/nessus/97562", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2017-303.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(97562);\n script_version(\"3.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2016-10046\", \"CVE-2016-10048\", \"CVE-2016-10049\", \"CVE-2016-10050\", \"CVE-2016-10051\", \"CVE-2016-10052\", \"CVE-2016-10059\", \"CVE-2016-10060\", \"CVE-2016-10061\", \"CVE-2016-10062\", \"CVE-2016-10063\", \"CVE-2016-10064\", \"CVE-2016-10065\", \"CVE-2016-10068\", \"CVE-2016-10069\", \"CVE-2016-10070\", \"CVE-2016-10071\", \"CVE-2016-10144\", \"CVE-2016-10145\", \"CVE-2016-10146\", \"CVE-2016-9773\", \"CVE-2017-5506\", \"CVE-2017-5507\", \"CVE-2017-5508\", \"CVE-2017-5510\", \"CVE-2017-5511\");\n\n script_name(english:\"openSUSE Security Update : ImageMagick (openSUSE-2017-303)\");\n script_summary(english:\"Check for the openSUSE-2017-303 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for ImageMagick fixes the following issues :\n\n - CVE-2016-10046: Prevent buffer overflow in draw.c caused\n by an incorrect length calculation (bsc#1017308)\n\n - CVE-2016-10048: Arbitrary module could have been load\n because relative path were not escaped (bsc#1017310)\n\n - CVE-2016-10049: Corrupt RLE files could have overflowed\n a buffer due to a incorrect length calculation\n (bsc#1017311)\n\n - CVE-2016-10050: Corrupt RLE files could have overflowed\n a heap buffer due to a missing offset check\n (bsc#1017312)\n\n - CVE-2016-10051: Fixed use after free when reading PWP\n files (bsc#1017313)\n\n - CVE-2016-10052: Added bound check to exif parsing of\n JPEG files (bsc#1017314)\n\n - CVE-2016-10059: Unchecked calculation when reading TIFF\n files could have lead to a buffer overflow (bsc#1017318)\n\n - CVE-2016-10060: Improved error handling when writing\n files to not mask errors (bsc#1017319)\n\n - CVE-2016-10061: Improved error handling when writing\n files to not mask errors (bsc#1017319).\n\n - CVE-2016-10062: Improved error handling when writing\n files to not mask errors (bsc#1017319).\n\n - CVE-2016-10063: Check validity of extend during TIFF\n file reading (bsc#1017320)\n\n - CVE-2016-10064: Improved checks for buffer overflow when\n reading TIFF files (bsc#1017321)\n\n - CVE-2016-10065: Unchecked calculations when reading VIFF\n files could have lead to out of bound reads\n (bsc#1017322)\n\n - CVE-2016-10068: Prevent NULL pointer access when using\n the MSL interpreter (bsc#1017324)\n\n - CVE-2016-10069: Add check for invalid mat file\n (bsc#1017325).\n\n - CVE-2016-10070: Prevent allocating the wrong amount of\n memory when reading mat files (bsc#1017326)\n\n - CVE-2016-10071: Prevent allocating the wrong amount of\n memory when reading mat files (bsc#1017326)\n\n - CVE-2016-10144: Added a check after allocating memory\n when parsing IPL files (bsc#1020433)\n\n - CVE-2016-10145: Fixed of-by-one in string copy operation\n when parsing WPG files (bsc#1020435)\n\n - CVE-2016-10146: Captions and labels were handled\n incorrectly, causing a memory leak that could have lead\n to DoS (bsc#1020443)\n\n - CVE-2017-5506: Missing offset check leading to a\n double-free (bsc#1020436)\n\n - CVE-2017-5507: Fixed a memory leak when reading MPC\n files allowing for DoS (bsc#1020439)\n\n - CVE-2017-5508: Increase the amount of memory allocated\n for TIFF pixels to prevent a heap buffer-overflow\n (bsc#1020441)\n\n - CVE-2017-5510: Prevent out-of-bounds write when reading\n PSD files (bsc#1020446).\n\n - CVE-2017-5511: A missing cast when reading PSD files\n could have caused memory corruption by a heap overflow\n (bsc#1020448)\n\nThis update removes the fix for CVE-2016-9773. ImageMagick-6 was not\naffected by CVE-2016-9773 and it caused a regression (at least in\nGraphicsMagick) (bsc#1017421).\n\nThis update was imported from the SUSE:SLE-12:Update update project.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1017308\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1017310\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1017311\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1017312\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1017313\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1017314\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1017318\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1017319\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1017320\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1017321\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1017322\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1017324\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1017325\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1017326\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1017421\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1020433\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1020435\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1020436\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1020439\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1020441\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1020443\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1020446\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1020448\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected ImageMagick packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ImageMagick\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ImageMagick-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ImageMagick-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ImageMagick-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ImageMagick-devel-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ImageMagick-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ImageMagick-extra-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libMagick++-6_Q16-3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libMagick++-6_Q16-3-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libMagick++-6_Q16-3-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libMagick++-6_Q16-3-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libMagick++-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libMagick++-devel-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libMagickCore-6_Q16-1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libMagickCore-6_Q16-1-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libMagickCore-6_Q16-1-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libMagickCore-6_Q16-1-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libMagickWand-6_Q16-1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libMagickWand-6_Q16-1-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libMagickWand-6_Q16-1-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libMagickWand-6_Q16-1-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:perl-PerlMagick\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:perl-PerlMagick-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:42.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:42.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/03/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/03/07\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE42\\.1|SUSE42\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"42.1 / 42.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE42.1\", reference:\"ImageMagick-6.8.8.1-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"ImageMagick-debuginfo-6.8.8.1-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"ImageMagick-debugsource-6.8.8.1-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"ImageMagick-devel-6.8.8.1-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"ImageMagick-extra-6.8.8.1-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"ImageMagick-extra-debuginfo-6.8.8.1-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libMagick++-6_Q16-3-6.8.8.1-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libMagick++-6_Q16-3-debuginfo-6.8.8.1-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libMagick++-devel-6.8.8.1-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libMagickCore-6_Q16-1-6.8.8.1-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libMagickCore-6_Q16-1-debuginfo-6.8.8.1-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libMagickWand-6_Q16-1-6.8.8.1-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libMagickWand-6_Q16-1-debuginfo-6.8.8.1-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"perl-PerlMagick-6.8.8.1-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"perl-PerlMagick-debuginfo-6.8.8.1-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"ImageMagick-devel-32bit-6.8.8.1-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"libMagick++-6_Q16-3-32bit-6.8.8.1-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"libMagick++-6_Q16-3-debuginfo-32bit-6.8.8.1-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"libMagick++-devel-32bit-6.8.8.1-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"libMagickCore-6_Q16-1-32bit-6.8.8.1-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"libMagickCore-6_Q16-1-debuginfo-32bit-6.8.8.1-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"libMagickWand-6_Q16-1-32bit-6.8.8.1-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"libMagickWand-6_Q16-1-debuginfo-32bit-6.8.8.1-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"ImageMagick-6.8.8.1-28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"ImageMagick-debuginfo-6.8.8.1-28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"ImageMagick-debugsource-6.8.8.1-28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"ImageMagick-devel-6.8.8.1-28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"ImageMagick-extra-6.8.8.1-28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"ImageMagick-extra-debuginfo-6.8.8.1-28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"libMagick++-6_Q16-3-6.8.8.1-28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"libMagick++-6_Q16-3-debuginfo-6.8.8.1-28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"libMagick++-devel-6.8.8.1-28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"libMagickCore-6_Q16-1-6.8.8.1-28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"libMagickCore-6_Q16-1-debuginfo-6.8.8.1-28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"libMagickWand-6_Q16-1-6.8.8.1-28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"libMagickWand-6_Q16-1-debuginfo-6.8.8.1-28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"perl-PerlMagick-6.8.8.1-28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"perl-PerlMagick-debuginfo-6.8.8.1-28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", cpu:\"x86_64\", reference:\"ImageMagick-devel-32bit-6.8.8.1-28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", cpu:\"x86_64\", reference:\"libMagick++-6_Q16-3-32bit-6.8.8.1-28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", cpu:\"x86_64\", reference:\"libMagick++-6_Q16-3-debuginfo-32bit-6.8.8.1-28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", cpu:\"x86_64\", reference:\"libMagick++-devel-32bit-6.8.8.1-28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", cpu:\"x86_64\", reference:\"libMagickCore-6_Q16-1-32bit-6.8.8.1-28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", cpu:\"x86_64\", reference:\"libMagickCore-6_Q16-1-debuginfo-32bit-6.8.8.1-28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", cpu:\"x86_64\", reference:\"libMagickWand-6_Q16-1-32bit-6.8.8.1-28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", cpu:\"x86_64\", reference:\"libMagickWand-6_Q16-1-debuginfo-32bit-6.8.8.1-28.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ImageMagick / ImageMagick-debuginfo / ImageMagick-debugsource / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-19T14:17:43", "description": "This update for ImageMagick fixes the following issues :\n\n - CVE-2016-10046: Prevent buffer overflow in draw.c caused by an incorrect length calculation (bsc#1017308)\n\n - CVE-2016-10048: Arbitrary module could have been load because relative path were not escaped (bsc#1017310)\n\n - CVE-2016-10049: Corrupt RLE files could have overflowed a buffer due to a incorrect length calculation (bsc#1017311)\n\n - CVE-2016-10050: Corrupt RLE files could have overflowed a heap buffer due to a missing offset check (bsc#1017312)\n\n - CVE-2016-10051: Fixed use after free when reading PWP files (bsc#1017313)\n\n - CVE-2016-10052: Added bound check to exif parsing of JPEG files (bsc#1017314)\n\n - CVE-2016-10059: Unchecked calculation when reading TIFF files could have lead to a buffer overflow (bsc#1017318)\n\n - CVE-2016-10060: Improved error handling when writing files to not mask errors (bsc#1017319)\n\n - CVE-2016-10061: Improved error handling when writing files to not mask errors (bsc#1017319).\n\n - CVE-2016-10062: Improved error handling when writing files to not mask errors (bsc#1017319).\n\n - CVE-2016-10063: Check validity of extend during TIFF file reading (bsc#1017320)\n\n - CVE-2016-10064: Improved checks for buffer overflow when reading TIFF files (bsc#1017321)\n\n - CVE-2016-10065: Unchecked calculations when reading VIFF files could have lead to out of bound reads (bsc#1017322)\n\n - CVE-2016-10068: Prevent NULL pointer access when using the MSL interpreter (bsc#1017324)\n\n - CVE-2016-10069: Add check for invalid mat file (bsc#1017325).\n\n - CVE-2016-10070: Prevent allocating the wrong amount of memory when reading mat files (bsc#1017326)\n\n - CVE-2016-10071: Prevent allocating the wrong amount of memory when reading mat files (bsc#1017326)\n\n - CVE-2016-10144: Added a check after allocating memory when parsing IPL files (bsc#1020433)\n\n - CVE-2016-10145: Fixed of-by-one in string copy operation when parsing WPG files (bsc#1020435)\n\n - CVE-2016-10146: Captions and labels were handled incorrectly, causing a memory leak that could have lead to DoS (bsc#1020443)\n\n - CVE-2017-5506: Missing offset check leading to a double-free (bsc#1020436)\n\n - CVE-2017-5507: Fixed a memory leak when reading MPC files allowing for DoS (bsc#1020439)\n\n - CVE-2017-5508: Increase the amount of memory allocated for TIFF pixels to prevent a heap buffer-overflow (bsc#1020441)\n\n - CVE-2017-5510: Prevent out-of-bounds write when reading PSD files (bsc#1020446).\n\n - CVE-2017-5511: A missing cast when reading PSD files could have caused memory corruption by a heap overflow (bsc#1020448) This update removes the fix for CVE-2016-9773. ImageMagick-6 was not affected by CVE-2016-9773 and it caused a regression (at least in GraphicsMagick) (bsc#1017421).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2017-02-22T00:00:00", "type": "nessus", "title": "SUSE SLED12 / SLES12 Security Update : ImageMagick (SUSE-SU-2017:0529-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-10046", "CVE-2016-10048", "CVE-2016-10049", "CVE-2016-10050", "CVE-2016-10051", "CVE-2016-10052", "CVE-2016-10059", "CVE-2016-10060", "CVE-2016-10061", "CVE-2016-10062", "CVE-2016-10063", "CVE-2016-10064", "CVE-2016-10065", "CVE-2016-10068", "CVE-2016-10069", "CVE-2016-10070", "CVE-2016-10071", "CVE-2016-10144", "CVE-2016-10145", "CVE-2016-10146", "CVE-2016-9773", "CVE-2017-5506", "CVE-2017-5507", "CVE-2017-5508", "CVE-2017-5510", "CVE-2017-5511"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:imagemagick", "p-cpe:/a:novell:suse_linux:imagemagick-debuginfo", "p-cpe:/a:novell:suse_linux:imagemagick-debugsource", "p-cpe:/a:novell:suse_linux:libmagick%2b%2b-6_q16", "p-cpe:/a:novell:suse_linux:libmagick%2b%2b-6_q16-3-debuginfo", "p-cpe:/a:novell:suse_linux:libmagickcore-6_q16", "p-cpe:/a:novell:suse_linux:libmagickcore-6_q16-1", "p-cpe:/a:novell:suse_linux:libmagickcore-6_q16-1-debuginfo", "p-cpe:/a:novell:suse_linux:libmagickwand-6_q16", "p-cpe:/a:novell:suse_linux:libmagickwand-6_q16-1-debuginfo", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2017-0529-1.NASL", "href": "https://www.tenable.com/plugins/nessus/97317", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2017:0529-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(97317);\n script_version(\"3.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2016-10046\", \"CVE-2016-10048\", \"CVE-2016-10049\", \"CVE-2016-10050\", \"CVE-2016-10051\", \"CVE-2016-10052\", \"CVE-2016-10059\", \"CVE-2016-10060\", \"CVE-2016-10061\", \"CVE-2016-10062\", \"CVE-2016-10063\", \"CVE-2016-10064\", \"CVE-2016-10065\", \"CVE-2016-10068\", \"CVE-2016-10069\", \"CVE-2016-10070\", \"CVE-2016-10071\", \"CVE-2016-10144\", \"CVE-2016-10145\", \"CVE-2016-10146\", \"CVE-2016-9773\", \"CVE-2017-5506\", \"CVE-2017-5507\", \"CVE-2017-5508\", \"CVE-2017-5510\", \"CVE-2017-5511\");\n\n script_name(english:\"SUSE SLED12 / SLES12 Security Update : ImageMagick (SUSE-SU-2017:0529-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for ImageMagick fixes the following issues :\n\n - CVE-2016-10046: Prevent buffer overflow in draw.c caused\n by an incorrect length calculation (bsc#1017308)\n\n - CVE-2016-10048: Arbitrary module could have been load\n because relative path were not escaped (bsc#1017310)\n\n - CVE-2016-10049: Corrupt RLE files could have overflowed\n a buffer due to a incorrect length calculation\n (bsc#1017311)\n\n - CVE-2016-10050: Corrupt RLE files could have overflowed\n a heap buffer due to a missing offset check\n (bsc#1017312)\n\n - CVE-2016-10051: Fixed use after free when reading PWP\n files (bsc#1017313)\n\n - CVE-2016-10052: Added bound check to exif parsing of\n JPEG files (bsc#1017314)\n\n - CVE-2016-10059: Unchecked calculation when reading TIFF\n files could have lead to a buffer overflow (bsc#1017318)\n\n - CVE-2016-10060: Improved error handling when writing\n files to not mask errors (bsc#1017319)\n\n - CVE-2016-10061: Improved error handling when writing\n files to not mask errors (bsc#1017319).\n\n - CVE-2016-10062: Improved error handling when writing\n files to not mask errors (bsc#1017319).\n\n - CVE-2016-10063: Check validity of extend during TIFF\n file reading (bsc#1017320)\n\n - CVE-2016-10064: Improved checks for buffer overflow when\n reading TIFF files (bsc#1017321)\n\n - CVE-2016-10065: Unchecked calculations when reading VIFF\n files could have lead to out of bound reads\n (bsc#1017322)\n\n - CVE-2016-10068: Prevent NULL pointer access when using\n the MSL interpreter (bsc#1017324)\n\n - CVE-2016-10069: Add check for invalid mat file\n (bsc#1017325).\n\n - CVE-2016-10070: Prevent allocating the wrong amount of\n memory when reading mat files (bsc#1017326)\n\n - CVE-2016-10071: Prevent allocating the wrong amount of\n memory when reading mat files (bsc#1017326)\n\n - CVE-2016-10144: Added a check after allocating memory\n when parsing IPL files (bsc#1020433)\n\n - CVE-2016-10145: Fixed of-by-one in string copy operation\n when parsing WPG files (bsc#1020435)\n\n - CVE-2016-10146: Captions and labels were handled\n incorrectly, causing a memory leak that could have lead\n to DoS (bsc#1020443)\n\n - CVE-2017-5506: Missing offset check leading to a\n double-free (bsc#1020436)\n\n - CVE-2017-5507: Fixed a memory leak when reading MPC\n files allowing for DoS (bsc#1020439)\n\n - CVE-2017-5508: Increase the amount of memory allocated\n for TIFF pixels to prevent a heap buffer-overflow\n (bsc#1020441)\n\n - CVE-2017-5510: Prevent out-of-bounds write when reading\n PSD files (bsc#1020446).\n\n - CVE-2017-5511: A missing cast when reading PSD files\n could have caused memory corruption by a heap overflow\n (bsc#1020448) This update removes the fix for\n CVE-2016-9773. ImageMagick-6 was not affected by\n CVE-2016-9773 and it caused a regression (at least in\n GraphicsMagick) (bsc#1017421).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1017308\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1017310\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1017311\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1017312\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1017313\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1017314\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1017318\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1017319\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1017320\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1017321\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1017322\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1017324\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1017325\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1017326\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1017421\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1020433\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1020435\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1020436\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1020439\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1020441\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1020443\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1020446\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1020448\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-10046/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-10048/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-10049/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-10050/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-10051/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-10052/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-10059/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-10060/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-10061/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-10062/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-10063/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-10064/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-10065/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-10068/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-10069/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-10070/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-10071/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-10144/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-10145/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-10146/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-5506/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-5507/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-5508/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-5510/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-5511/\"\n );\n # https://www.suse.com/support/update/announcement/2017/suse-su-20170529-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?4a06fcd2\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Workstation Extension 12-SP2:zypper in -t patch\nSUSE-SLE-WE-12-SP2-2017-273=1\n\nSUSE Linux Enterprise Workstation Extension 12-SP1:zypper in -t patch\nSUSE-SLE-WE-12-SP1-2017-273=1\n\nSUSE Linux Enterprise Software Development Kit 12-SP2:zypper in -t\npatch SUSE-SLE-SDK-12-SP2-2017-273=1\n\nSUSE Linux Enterprise Software Development Kit 12-SP1:zypper in -t\npatch SUSE-SLE-SDK-12-SP1-2017-273=1\n\nSUSE Linux Enterprise Server for Raspberry Pi 12-SP2:zypper in -t\npatch SUSE-SLE-RPI-12-SP2-2017-273=1\n\nSUSE Linux Enterprise Server 12-SP2:zypper in -t patch\nSUSE-SLE-SERVER-12-SP2-2017-273=1\n\nSUSE Linux Enterprise Server 12-SP1:zypper in -t patch\nSUSE-SLE-SERVER-12-SP1-2017-273=1\n\nSUSE Linux Enterprise Desktop 12-SP2:zypper in -t patch\nSUSE-SLE-DESKTOP-12-SP2-2017-273=1\n\nSUSE Linux Enterprise Desktop 12-SP1:zypper in -t patch\nSUSE-SLE-DESKTOP-12-SP1-2017-273=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ImageMagick\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ImageMagick-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ImageMagick-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libMagick++-6_Q16\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libMagick++-6_Q16-3-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libMagickCore-6_Q16\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libMagickCore-6_Q16-1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libMagickCore-6_Q16-1-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libMagickWand-6_Q16\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libMagickWand-6_Q16-1-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/02/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/02/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/02/22\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED12|SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED12 / SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(1|2)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP1/2\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED12\" && (! preg(pattern:\"^(1|2)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED12 SP1/2\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"ImageMagick-debuginfo-6.8.8.1-59.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"ImageMagick-debugsource-6.8.8.1-59.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libMagickCore-6_Q16-1-6.8.8.1-59.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libMagickCore-6_Q16-1-debuginfo-6.8.8.1-59.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libMagickWand-6_Q16-1-6.8.8.1-59.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libMagickWand-6_Q16-1-debuginfo-6.8.8.1-59.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"ImageMagick-debuginfo-6.8.8.1-59.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"ImageMagick-debugsource-6.8.8.1-59.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"libMagickCore-6_Q16-1-6.8.8.1-59.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"libMagickCore-6_Q16-1-debuginfo-6.8.8.1-59.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"libMagickWand-6_Q16-1-6.8.8.1-59.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"libMagickWand-6_Q16-1-debuginfo-6.8.8.1-59.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"ImageMagick-6.8.8.1-59.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"ImageMagick-debuginfo-6.8.8.1-59.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"ImageMagick-debugsource-6.8.8.1-59.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"libMagick++-6_Q16-3-6.8.8.1-59.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"libMagick++-6_Q16-3-debuginfo-6.8.8.1-59.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"libMagickCore-6_Q16-1-32bit-6.8.8.1-59.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"libMagickCore-6_Q16-1-6.8.8.1-59.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"libMagickCore-6_Q16-1-debuginfo-32bit-6.8.8.1-59.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"libMagickCore-6_Q16-1-debuginfo-6.8.8.1-59.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"libMagickWand-6_Q16-1-6.8.8.1-59.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"libMagickWand-6_Q16-1-debuginfo-6.8.8.1-59.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"2\", cpu:\"x86_64\", reference:\"ImageMagick-6.8.8.1-59.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"2\", cpu:\"x86_64\", reference:\"ImageMagick-debuginfo-6.8.8.1-59.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"2\", cpu:\"x86_64\", reference:\"ImageMagick-debugsource-6.8.8.1-59.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"2\", cpu:\"x86_64\", reference:\"libMagick++-6_Q16-3-6.8.8.1-59.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"2\", cpu:\"x86_64\", reference:\"libMagick++-6_Q16-3-debuginfo-6.8.8.1-59.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"2\", cpu:\"x86_64\", reference:\"libMagickCore-6_Q16-1-32bit-6.8.8.1-59.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"2\", cpu:\"x86_64\", reference:\"libMagickCore-6_Q16-1-6.8.8.1-59.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"2\", cpu:\"x86_64\", reference:\"libMagickCore-6_Q16-1-debuginfo-32bit-6.8.8.1-59.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"2\", cpu:\"x86_64\", reference:\"libMagickCore-6_Q16-1-debuginfo-6.8.8.1-59.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"2\", cpu:\"x86_64\", reference:\"libMagickWand-6_Q16-1-6.8.8.1-59.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"2\", cpu:\"x86_64\", reference:\"libMagickWand-6_Q16-1-debuginfo-6.8.8.1-59.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ImageMagick\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-19T14:18:22", "description": "This update for GraphicsMagick fixes several issues.\n\nThese security issues were fixed :\n\n - CVE-2016-10048: Arbitrary module could have been load because relative path were not escaped (bsc#1017310)\n\n - CVE-2016-10050: Corrupt RLE files could have overflowed a heap buffer due to a missing offset check (bsc#1017312)\n\n - CVE-2016-10051: Fixed use after free when reading PWP files (bsc#1017313)\n\n - CVE-2016-10052: Added bound check to exif parsing of JPEG files (bsc#1017314)\n\n - CVE-2016-10068: Prevent NULL pointer access when using the MSL interpreter (bsc#1017324)\n\n - CVE-2016-10070: Prevent allocating the wrong amount of memory when reading mat files (bsc#1017326)\n\n - CVE-2016-10146: Captions and labels were handled incorrectly, causing a memory leak that could have lead to DoS (bsc#1020443)\n\n - CVE-2017-5511: A missing cast when reading PSD files could have caused memory corruption by a heap overflow (bsc#1020448)", "cvss3": {}, "published": "2017-02-09T00:00:00", "type": "nessus", "title": "openSUSE Security Update : GraphicsMagick (openSUSE-2017-212)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-10048", "CVE-2016-10050", "CVE-2016-10051", "CVE-2016-10052", "CVE-2016-10068", "CVE-2016-10070", "CVE-2016-10146", "CVE-2017-5511"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:graphicsmagick", "p-cpe:/a:novell:opensuse:graphicsmagick-debuginfo", "p-cpe:/a:novell:opensuse:graphicsmagick-debugsource", "p-cpe:/a:novell:opensuse:graphicsmagick-devel", "p-cpe:/a:novell:opensuse:libgraphicsmagick%2b%2b-q16-12", "p-cpe:/a:novell:opensuse:libgraphicsmagick%2b%2b-q16-12-debuginfo", "p-cpe:/a:novell:opensuse:libgraphicsmagick%2b%2b-devel", "p-cpe:/a:novell:opensuse:libgraphicsmagick-q16-3", "p-cpe:/a:novell:opensuse:libgraphicsmagick-q16-3-debuginfo", "p-cpe:/a:novell:opensuse:libgraphicsmagick3-config", "p-cpe:/a:novell:opensuse:libgraphicsmagickwand-q16-2", "p-cpe:/a:novell:opensuse:libgraphicsmagickwand-q16-2-debuginfo", "p-cpe:/a:novell:opensuse:perl-graphicsmagick", "p-cpe:/a:novell:opensuse:perl-graphicsmagick-debuginfo", "cpe:/o:novell:opensuse:42.2"], "id": "OPENSUSE-2017-212.NASL", "href": "https://www.tenable.com/plugins/nessus/97073", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2017-212.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(97073);\n script_version(\"3.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2016-10048\", \"CVE-2016-10050\", \"CVE-2016-10051\", \"CVE-2016-10052\", \"CVE-2016-10068\", \"CVE-2016-10070\", \"CVE-2016-10146\", \"CVE-2017-5511\");\n\n script_name(english:\"openSUSE Security Update : GraphicsMagick (openSUSE-2017-212)\");\n script_summary(english:\"Check for the openSUSE-2017-212 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for GraphicsMagick fixes several issues.\n\nThese security issues were fixed :\n\n - CVE-2016-10048: Arbitrary module could have been load\n because relative path were not escaped (bsc#1017310)\n\n - CVE-2016-10050: Corrupt RLE files could have overflowed\n a heap buffer due to a missing offset check\n (bsc#1017312)\n\n - CVE-2016-10051: Fixed use after free when reading PWP\n files (bsc#1017313)\n\n - CVE-2016-10052: Added bound check to exif parsing of\n JPEG files (bsc#1017314)\n\n - CVE-2016-10068: Prevent NULL pointer access when using\n the MSL interpreter (bsc#1017324)\n\n - CVE-2016-10070: Prevent allocating the wrong amount of\n memory when reading mat files (bsc#1017326)\n\n - CVE-2016-10146: Captions and labels were handled\n incorrectly, causing a memory leak that could have lead\n to DoS (bsc#1020443)\n\n - CVE-2017-5511: A missing cast when reading PSD files\n could have caused memory corruption by a heap overflow\n (bsc#1020448)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1017310\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1017312\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1017313\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1017314\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1017324\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1017326\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1020443\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1020448\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected GraphicsMagick packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:GraphicsMagick\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:GraphicsMagick-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:GraphicsMagick-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:GraphicsMagick-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libGraphicsMagick++-Q16-12\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libGraphicsMagick++-Q16-12-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libGraphicsMagick++-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libGraphicsMagick-Q16-3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libGraphicsMagick-Q16-3-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libGraphicsMagick3-config\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libGraphicsMagickWand-Q16-2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libGraphicsMagickWand-Q16-2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:perl-GraphicsMagick\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:perl-GraphicsMagick-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:42.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/02/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/02/09\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE42\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"42.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE42.2\", reference:\"GraphicsMagick-1.3.25-9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"GraphicsMagick-debuginfo-1.3.25-9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"GraphicsMagick-debugsource-1.3.25-9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"GraphicsMagick-devel-1.3.25-9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"libGraphicsMagick++-Q16-12-1.3.25-9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"libGraphicsMagick++-Q16-12-debuginfo-1.3.25-9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"libGraphicsMagick++-devel-1.3.25-9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"libGraphicsMagick-Q16-3-1.3.25-9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"libGraphicsMagick-Q16-3-debuginfo-1.3.25-9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"libGraphicsMagick3-config-1.3.25-9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"libGraphicsMagickWand-Q16-2-1.3.25-9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"libGraphicsMagickWand-Q16-2-debuginfo-1.3.25-9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"perl-GraphicsMagick-1.3.25-9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"perl-GraphicsMagick-debuginfo-1.3.25-9.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"GraphicsMagick / GraphicsMagick-debuginfo / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:31:31", "description": "According to the versions of the ImageMagick packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - ImageMagick is an image display and manipulation tool for the X Window System. ImageMagick can read and write JPEG, TIFF, PNM, GIF,and Photo CD image formats. It can resize, rotate, sharpen, color reduce, or add special effects to an image, and when finished you can either save the completed work in the original format or a different one. ImageMagick also includes command line programs for creating animated or transparent .gifs, creating composite images, creating thumbnail images, and more.ImageMagick is one of your choices if you need a program to manipulate and display images. If you want to develop your own applications which use ImageMagick code or APIs, you need to install ImageMagick-devel as well.Security Fix(es):In ImageMagick before 7.0.8-8, a NULL pointer dereference exists in the GetMagickProperty function in MagickCore/property.c.(CVE-2018-16329)ImageMagick before 6.9.9-24 and 7.x before 7.0.7-12 has a use-after-free in Magick::Image::read in Magick++/lib/Image.cpp.(CVE-2017-17499)In ImageMagick before 6.9.8-5 and 7.x before 7.0.5-6, there is a memory leak in the ReadMATImage function in coders/mat.c.(CVE-2017-13146)In ImageMagick before 6.9.7-6 and 7.x before 7.0.4-6, the ReadMATImage function in coders/mat.c uses uninitialized data, which might allow remote attackers to obtain sensitive information from process memory.(CVE-2017-13143)In ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1, the ReadOneMNGImage function in coders/png.c has an out-of-bounds read with the MNG CLIP chunk.(CVE-2017-13139)coders/psd.c in ImageMagick allows remote attackers to have unspecified impact via a crafted PSD file, which triggers an out-of-bounds write.(CVE-2017-5510)coders/psd.c in ImageMagick allows remote attackers to have unspecified impact via a crafted PSD file, which triggers an out-of-bounds write.(CVE-2017-5509)Memory leak in coders/mpc.c in ImageMagick before 6.9.7-4 and 7.x before 7.0.4-4 allows remote attackers to cause a denial of service (memory consumption) via vectors involving a pixel cache.(CVE-2017-5507)Memory leak in the IsOptionMember function in MagickCore/option.c in ImageMagick before 6.9.2-2, as used in ODR-PadEnc and other products, allows attackers to trigger memory consumption.(CVE-2016-10252)Off-by-one error in coders/wpg.c in ImageMagick allows remote attackers to have unspecified impact via vectors related to a string copy.(CVE-2016-10145)Memory leak in AcquireVirtualMemory in ImageMagick before 7 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors.(CVE-2016-7539)In coders/bmp.c in ImageMagick before 7.0.8-16, an input file can result in an infinite loop and hang, with high CPU and memory consumption. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted file.(CVE-2018-20467)In ImageMagick before 7.0.8-8, a NULL pointer dereference exists in the CheckEventLogging function in MagickCore/log.c.(CVE-2018-16328)ReadXBMImage in coders/xbm.c in ImageMagick before 7.0.8-9 leaves data uninitialized when processing an XBM file that has a negative pixel value. If the affected code is used as a library loaded into a process that includes sensitive information, that information sometimes can be leaked via the image data.(CVE-2018-16323)WriteEPTImage in coders/ept.c in ImageMagick 7.0.7-25 Q16 allows remote attackers to cause a denial of service (MagickCore/memory.c double free and application crash) or possibly have unspecified other impact via a crafted file.(CVE-2018-8804)In ImageMagick 7.0.8-3 Q16, ReadDIBImage and WriteDIBImage in coders/dib.c allow attackers to cause an out of bounds write via a crafted file.(CVE-2018-12600)ImageMagick version 7.0.7-2 contains a memory leak in ReadYUVImage in coders/yuv.c.(CVE-2017-15033)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-11-12T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP5 : ImageMagick (EulerOS-SA-2019-2160)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-10145", "CVE-2016-10252", "CVE-2016-7539", "CVE-2017-13139", "CVE-2017-13143", "CVE-2017-13146", "CVE-2017-15033", "CVE-2017-17499", "CVE-2017-5507", "CVE-2017-5509", "CVE-2017-5510", "CVE-2018-12600", "CVE-2018-16323", "CVE-2018-16328", "CVE-2018-16329", "CVE-2018-20467", "CVE-2018-8804"], "modified": "2021-02-09T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:imagemagick", "p-cpe:/a:huawei:euleros:imagemagick-c%2b%2b", "p-cpe:/a:huawei:euleros:imagemagick-libs", "p-cpe:/a:huawei:euleros:imagemagick-perl", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2019-2160.NASL", "href": "https://www.tenable.com/plugins/nessus/130869", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(130869);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/02/09\");\n\n script_cve_id(\n \"CVE-2016-10145\",\n \"CVE-2016-10252\",\n \"CVE-2016-7539\",\n \"CVE-2017-13139\",\n \"CVE-2017-13143\",\n \"CVE-2017-13146\",\n \"CVE-2017-15033\",\n \"CVE-2017-17499\",\n \"CVE-2017-5507\",\n \"CVE-2017-5509\",\n \"CVE-2017-5510\",\n \"CVE-2018-12600\",\n \"CVE-2018-16323\",\n \"CVE-2018-16328\",\n \"CVE-2018-16329\",\n \"CVE-2018-20467\",\n \"CVE-2018-8804\"\n );\n\n script_name(english:\"EulerOS 2.0 SP5 : ImageMagick (EulerOS-SA-2019-2160)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the ImageMagick packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerabilities :\n\n - ImageMagick is an image display and manipulation tool\n for the X Window System. ImageMagick can read and write\n JPEG, TIFF, PNM, GIF,and Photo CD image formats. It can\n resize, rotate, sharpen, color reduce, or add special\n effects to an image, and when finished you can either\n save the completed work in the original format or a\n different one. ImageMagick also includes command line\n programs for creating animated or transparent .gifs,\n creating composite images, creating thumbnail images,\n and more.ImageMagick is one of your choices if you need\n a program to manipulate and display images. If you want\n to develop your own applications which use ImageMagick\n code or APIs, you need to install ImageMagick-devel as\n well.Security Fix(es):In ImageMagick before 7.0.8-8, a\n NULL pointer dereference exists in the\n GetMagickProperty function in\n MagickCore/property.c.(CVE-2018-16329)ImageMagick\n before 6.9.9-24 and 7.x before 7.0.7-12 has a\n use-after-free in Magick::Image::read in\n Magick++/lib/Image.cpp.(CVE-2017-17499)In ImageMagick\n before 6.9.8-5 and 7.x before 7.0.5-6, there is a\n memory leak in the ReadMATImage function in\n coders/mat.c.(CVE-2017-13146)In ImageMagick before\n 6.9.7-6 and 7.x before 7.0.4-6, the ReadMATImage\n function in coders/mat.c uses uninitialized data, which\n might allow remote attackers to obtain sensitive\n information from process memory.(CVE-2017-13143)In\n ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1, the\n ReadOneMNGImage function in coders/png.c has an\n out-of-bounds read with the MNG CLIP\n chunk.(CVE-2017-13139)coders/psd.c in ImageMagick\n allows remote attackers to have unspecified impact via\n a crafted PSD file, which triggers an out-of-bounds\n write.(CVE-2017-5510)coders/psd.c in ImageMagick allows\n remote attackers to have unspecified impact via a\n crafted PSD file, which triggers an out-of-bounds\n write.(CVE-2017-5509)Memory leak in coders/mpc.c in\n ImageMagick before 6.9.7-4 and 7.x before 7.0.4-4\n allows remote attackers to cause a denial of service\n (memory consumption) via vectors involving a pixel\n cache.(CVE-2017-5507)Memory leak in the IsOptionMember\n function in MagickCore/option.c in ImageMagick before\n 6.9.2-2, as used in ODR-PadEnc and other products,\n allows attackers to trigger memory\n consumption.(CVE-2016-10252)Off-by-one error in\n coders/wpg.c in ImageMagick allows remote attackers to\n have unspecified impact via vectors related to a string\n copy.(CVE-2016-10145)Memory leak in\n AcquireVirtualMemory in ImageMagick before 7 allows\n remote attackers to cause a denial of service (memory\n consumption) via unspecified vectors.(CVE-2016-7539)In\n coders/bmp.c in ImageMagick before 7.0.8-16, an input\n file can result in an infinite loop and hang, with high\n CPU and memory consumption. Remote attackers could\n leverage this vulnerability to cause a denial of\n service via a crafted file.(CVE-2018-20467)In\n ImageMagick before 7.0.8-8, a NULL pointer dereference\n exists in the CheckEventLogging function in\n MagickCore/log.c.(CVE-2018-16328)ReadXBMImage in\n coders/xbm.c in ImageMagick before 7.0.8-9 leaves data\n uninitialized when processing an XBM file that has a\n negative pixel value. If the affected code is used as a\n library loaded into a process that includes sensitive\n information, that information sometimes can be leaked\n via the image data.(CVE-2018-16323)WriteEPTImage in\n coders/ept.c in ImageMagick 7.0.7-25 Q16 allows remote\n attackers to cause a denial of service\n (MagickCore/memory.c double free and application crash)\n or possibly have unspecified other impact via a crafted\n file.(CVE-2018-8804)In ImageMagick 7.0.8-3 Q16,\n ReadDIBImage and WriteDIBImage in coders/dib.c allow\n attackers to cause an out of bounds write via a crafted\n file.(CVE-2018-12600)ImageMagick version 7.0.7-2\n contains a memory leak in ReadYUVImage in\n coders/yuv.c.(CVE-2017-15033)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2160\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?65bf07e6\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected ImageMagick packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-16329\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/11/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ImageMagick\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ImageMagick-c++\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ImageMagick-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ImageMagick-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(5)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"ImageMagick-6.9.9.38-3.h11.eulerosv2r7\",\n \"ImageMagick-c++-6.9.9.38-3.h11.eulerosv2r7\",\n \"ImageMagick-libs-6.9.9.38-3.h11.eulerosv2r7\",\n \"ImageMagick-perl-6.9.9.38-3.h11.eulerosv2r7\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"5\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ImageMagick\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-25T14:28:59", "description": "According to the versions of the ImageMagick packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - The DCM reader in ImageMagick before 6.9.4-5 and 7.x before 7.0.1-7 allows remote attackers to have unspecified impact by leveraging lack of validation of (1) pixel.red, (2) pixel.green, and (3) pixel.blue.(CVE-2016-5691)\n\n - The ReadDCMImage function in DCM reader in ImageMagick before 6.9.4-5 and 7.x before 7.0.1-7 allows remote attackers to have unspecified impact via vectors involving the for statement in computing the pixel scaling table.(CVE-2016-5690)\n\n - The DCM reader in ImageMagick before 6.9.4-5 and 7.x before 7.0.1-7 allows remote attackers to have unspecified impact by leveraging lack of NULL pointer checks.(CVE-2016-5689)\n\n - The VerticalFilter function in the DDS coder in ImageMagick before 6.9.4-3 and 7.x before 7.0.1-4 allows remote attackers to have unspecified impact via a crafted DDS file, which triggers an out-of-bounds read.(CVE-2016-5687)\n\n - coders/ipl.c in ImageMagick allows remote attackers to have unspecific impact by leveraging a missing malloc check.(CVE-2016-10144)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-09-23T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP5 : ImageMagick (EulerOS-SA-2019-1970)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-10144", "CVE-2016-5687", "CVE-2016-5689", "CVE-2016-5690", "CVE-2016-5691"], "modified": "2021-02-09T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:imagemagick", "p-cpe:/a:huawei:euleros:imagemagick-c%2b%2b", "p-cpe:/a:huawei:euleros:imagemagick-perl", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2019-1970.NASL", "href": "https://www.tenable.com/plugins/nessus/129127", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(129127);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/02/09\");\n\n script_cve_id(\n \"CVE-2016-10144\",\n \"CVE-2016-5687\",\n \"CVE-2016-5689\",\n \"CVE-2016-5690\",\n \"CVE-2016-5691\"\n );\n\n script_name(english:\"EulerOS 2.0 SP5 : ImageMagick (EulerOS-SA-2019-1970)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the ImageMagick packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerabilities :\n\n - The DCM reader in ImageMagick before 6.9.4-5 and 7.x\n before 7.0.1-7 allows remote attackers to have\n unspecified impact by leveraging lack of validation of\n (1) pixel.red, (2) pixel.green, and (3)\n pixel.blue.(CVE-2016-5691)\n\n - The ReadDCMImage function in DCM reader in ImageMagick\n before 6.9.4-5 and 7.x before 7.0.1-7 allows remote\n attackers to have unspecified impact via vectors\n involving the for statement in computing the pixel\n scaling table.(CVE-2016-5690)\n\n - The DCM reader in ImageMagick before 6.9.4-5 and 7.x\n before 7.0.1-7 allows remote attackers to have\n unspecified impact by leveraging lack of NULL pointer\n checks.(CVE-2016-5689)\n\n - The VerticalFilter function in the DDS coder in\n ImageMagick before 6.9.4-3 and 7.x before 7.0.1-4\n allows remote attackers to have unspecified impact via\n a crafted DDS file, which triggers an out-of-bounds\n read.(CVE-2016-5687)\n\n - coders/ipl.c in ImageMagick allows remote attackers to\n have unspecific impact by leveraging a missing malloc\n check.(CVE-2016-10144)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1970\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?980b2324\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected ImageMagick packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/09/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/09/23\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ImageMagick\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ImageMagick-c++\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ImageMagick-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(5)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"ImageMagick-6.7.8.9-15.h27.eulerosv2r7\",\n \"ImageMagick-c++-6.7.8.9-15.h27.eulerosv2r7\",\n \"ImageMagick-perl-6.7.8.9-15.h27.eulerosv2r7\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"5\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ImageMagick\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-19T14:18:22", "description": "This update for GraphicsMagick fixes several issues.\n\nThese security issues were fixed :\n\n - CVE-2016-10048: Arbitrary module could have been load because relative path were not escaped (bsc#1017310)\n\n - CVE-2016-10050: Corrupt RLE files could have overflowed a heap buffer due to a missing offset check (bsc#1017312)\n\n - CVE-2016-10051: Fixed use after free when reading PWP files (bsc#1017313)\n\n - CVE-2016-10052: Added bound check to exif parsing of JPEG files (bsc#1017314)\n\n - CVE-2016-10059: Unchecked calculation when reading TIFF files could have lead to a buffer overflow (bsc#1017318)\n\n - CVE-2016-10064: Improved checks for buffer overflow when reading TIFF files (bsc#1017321)\n\n - CVE-2016-10065: Unchecked calculations when reading VIFF files could have lead to out of bound reads (bsc#1017322)\n\n - CVE-2016-10068: Prevent NULL pointer access when using the MSL interpreter (bsc#1017324)\n\n - CVE-2016-10069: Add check for invalid mat file (bsc#1017325).\n\n - CVE-2016-10070: Prevent allocating the wrong amount of memory when reading mat files (bsc#1017326)\n\n - CVE-2016-10146: Captions and labels were handled incorrectly, causing a memory leak that could have lead to DoS (bsc#1020443)\n\n - CVE-2017-5511: A missing cast when reading PSD files could have caused memory corruption by a heap overflow (bsc#1020448)", "cvss3": {}, "published": "2017-02-09T00:00:00", "type": "nessus", "title": "openSUSE Security Update : GraphicsMagick (openSUSE-2017-214)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-10048", "CVE-2016-10050", "CVE-2016-10051", "CVE-2016-10052", "CVE-2016-10059", "CVE-2016-10064", "CVE-2016-10065", "CVE-2016-10068", "CVE-2016-10069", "CVE-2016-10070", "CVE-2016-10146", "CVE-2017-5511"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:graphicsmagick", "p-cpe:/a:novell:opensuse:graphicsmagick-debuginfo", "p-cpe:/a:novell:opensuse:graphicsmagick-debugsource", "p-cpe:/a:novell:opensuse:graphicsmagick-devel", "p-cpe:/a:novell:opensuse:libgraphicsmagick%2b%2b-q16-11", "p-cpe:/a:novell:opensuse:libgraphicsmagick%2b%2b-q16-11-debuginfo", "p-cpe:/a:novell:opensuse:libgraphicsmagick%2b%2b-devel", "p-cpe:/a:novell:opensuse:libgraphicsmagick-q16-3", "p-cpe:/a:novell:opensuse:libgraphicsmagick-q16-3-debuginfo", "p-cpe:/a:novell:opensuse:libgraphicsmagick3-config", "p-cpe:/a:novell:opensuse:libgraphicsmagickwand-q16-2", "p-cpe:/a:novell:opensuse:libgraphicsmagickwand-q16-2-debuginfo", "p-cpe:/a:novell:opensuse:perl-graphicsmagick", "p-cpe:/a:novell:opensuse:perl-graphicsmagick-debuginfo", "cpe:/o:novell:opensuse:42.1"], "id": "OPENSUSE-2017-214.NASL", "href": "https://www.tenable.com/plugins/nessus/97075", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2017-214.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(97075);\n script_version(\"3.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2016-10048\", \"CVE-2016-10050\", \"CVE-2016-10051\", \"CVE-2016-10052\", \"CVE-2016-10059\", \"CVE-2016-10064\", \"CVE-2016-10065\", \"CVE-2016-10068\", \"CVE-2016-10069\", \"CVE-2016-10070\", \"CVE-2016-10146\", \"CVE-2017-5511\");\n\n script_name(english:\"openSUSE Security Update : GraphicsMagick (openSUSE-2017-214)\");\n script_summary(english:\"Check for the openSUSE-2017-214 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for GraphicsMagick fixes several issues.\n\nThese security issues were fixed :\n\n - CVE-2016-10048: Arbitrary module could have been load\n because relative path were not escaped (bsc#1017310)\n\n - CVE-2016-10050: Corrupt RLE files could have overflowed\n a heap buffer due to a missing offset check\n (bsc#1017312)\n\n - CVE-2016-10051: Fixed use after free when reading PWP\n files (bsc#1017313)\n\n - CVE-2016-10052: Added bound check to exif parsing of\n JPEG files (bsc#1017314)\n\n - CVE-2016-10059: Unchecked calculation when reading TIFF\n files could have lead to a buffer overflow (bsc#1017318)\n\n - CVE-2016-10064: Improved checks for buffer overflow when\n reading TIFF files (bsc#1017321)\n\n - CVE-2016-10065: Unchecked calculations when reading VIFF\n files could have lead to out of bound reads\n (bsc#1017322)\n\n - CVE-2016-10068: Prevent NULL pointer access when using\n the MSL interpreter (bsc#1017324)\n\n - CVE-2016-10069: Add check for invalid mat file\n (bsc#1017325).\n\n - CVE-2016-10070: Prevent allocating the wrong amount of\n memory when reading mat files (bsc#1017326)\n\n - CVE-2016-10146: Captions and labels were handled\n incorrectly, causing a memory leak that could have lead\n to DoS (bsc#1020443)\n\n - CVE-2017-5511: A missing cast when reading PSD files\n could have caused memory corruption by a heap overflow\n (bsc#1020448)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1017310\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1017312\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1017313\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1017314\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1017318\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1017321\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1017322\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1017324\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1017325\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1017326\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1020443\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1020448\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected GraphicsMagick packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:GraphicsMagick\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:GraphicsMagick-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:GraphicsMagick-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:GraphicsMagick-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libGraphicsMagick++-Q16-11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libGraphicsMagick++-Q16-11-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libGraphicsMagick++-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libGraphicsMagick-Q16-3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libGraphicsMagick-Q16-3-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libGraphicsMagick3-config\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libGraphicsMagickWand-Q16-2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libGraphicsMagickWand-Q16-2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:perl-GraphicsMagick\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:perl-GraphicsMagick-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:42.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/02/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/02/09\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE42\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"42.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE42.1\", reference:\"GraphicsMagick-1.3.21-26.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"GraphicsMagick-debuginfo-1.3.21-26.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"GraphicsMagick-debugsource-1.3.21-26.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"GraphicsMagick-devel-1.3.21-26.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libGraphicsMagick++-Q16-11-1.3.21-26.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libGraphicsMagick++-Q16-11-debuginfo-1.3.21-26.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libGraphicsMagick++-devel-1.3.21-26.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libGraphicsMagick-Q16-3-1.3.21-26.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libGraphicsMagick-Q16-3-debuginfo-1.3.21-26.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libGraphicsMagick3-config-1.3.21-26.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libGraphicsMagickWand-Q16-2-1.3.21-26.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libGraphicsMagickWand-Q16-2-debuginfo-1.3.21-26.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"perl-GraphicsMagick-1.3.21-26.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"perl-GraphicsMagick-debuginfo-1.3.21-26.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"GraphicsMagick / GraphicsMagick-debuginfo / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:30:33", "description": "It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service or possibly execute code with the privileges of the user invoking the program.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2016-12-01T00:00:00", "type": "nessus", "title": "Ubuntu 12.04 LTS / 14.04 LTS / 16.04 LTS / 16.10 : imagemagick vulnerabilities (USN-3142-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-7799", "CVE-2016-7906", "CVE-2016-8677", "CVE-2016-8862", "CVE-2016-9556"], "modified": "2023-01-12T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:imagemagick", "p-cpe:/a:canonical:ubuntu_linux:imagemagick-6.q16", "p-cpe:/a:canonical:ubuntu_linux:libmagick%2b%2b-6.q16-5v5", "p-cpe:/a:canonical:ubuntu_linux:libmagick%2b%2b4", "p-cpe:/a:canonical:ubuntu_linux:libmagick%2b%2b5", "p-cpe:/a:canonical:ubuntu_linux:libmagickcore-6.q16-2", "p-cpe:/a:canonical:ubuntu_linux:libmagickcore-6.q16-2-extra", "p-cpe:/a:canonical:ubuntu_linux:libmagickcore4", "p-cpe:/a:canonical:ubuntu_linux:libmagickcore4-extra", "p-cpe:/a:canonical:ubuntu_linux:libmagickcore5", "p-cpe:/a:canonical:ubuntu_linux:libmagickcore5-extra", "cpe:/o:canonical:ubuntu_linux:12.04:-:lts", "cpe:/o:canonical:ubuntu_linux:14.04", "cpe:/o:canonical:ubuntu_linux:16.04", "cpe:/o:canonical:ubuntu_linux:16.10"], "id": "UBUNTU_USN-3142-1.NASL", "href": "https://www.tenable.com/plugins/nessus/95427", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-3142-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(95427);\n script_version(\"3.20\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/12\");\n\n script_cve_id(\"CVE-2016-7799\", \"CVE-2016-7906\", \"CVE-2016-8677\", \"CVE-2016-8862\", \"CVE-2016-9556\");\n script_xref(name:\"USN\", value:\"3142-1\");\n\n script_name(english:\"Ubuntu 12.04 LTS / 14.04 LTS / 16.04 LTS / 16.10 : imagemagick vulnerabilities (USN-3142-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"It was discovered that ImageMagick incorrectly handled certain\nmalformed image files. If a user or automated system using ImageMagick\nwere tricked into opening a specially crafted image, an attacker could\nexploit this to cause a denial of service or possibly execute code\nwith the privileges of the user invoking the program.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/3142-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:imagemagick\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:imagemagick-6.q16\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libmagick++-6.q16-5v5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libmagick++4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libmagick++5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libmagickcore-6.q16-2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libmagickcore-6.q16-2-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libmagickcore4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libmagickcore4-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libmagickcore5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libmagickcore5-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/01/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/11/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/12/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2016-2023 Canonical, Inc. / NASL script (C) 2016-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nvar release = chomp(release);\nif (! preg(pattern:\"^(12\\.04|14\\.04|16\\.04|16\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 12.04 / 14.04 / 16.04 / 16.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nvar flag = 0;\n\nif (ubuntu_check(osver:\"12.04\", pkgname:\"imagemagick\", pkgver:\"8:6.6.9.7-5ubuntu3.6\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"libmagick++4\", pkgver:\"8:6.6.9.7-5ubuntu3.6\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"libmagickcore4\", pkgver:\"8:6.6.9.7-5ubuntu3.6\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"libmagickcore4-extra\", pkgver:\"8:6.6.9.7-5ubuntu3.6\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"imagemagick\", pkgver:\"8:6.7.7.10-6ubuntu3.3\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"libmagick++5\", pkgver:\"8:6.7.7.10-6ubuntu3.3\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"libmagickcore5\", pkgver:\"8:6.7.7.10-6ubuntu3.3\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"libmagickcore5-extra\", pkgver:\"8:6.7.7.10-6ubuntu3.3\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"imagemagick\", pkgver:\"8:6.8.9.9-7ubuntu5.3\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"imagemagick-6.q16\", pkgver:\"8:6.8.9.9-7ubuntu5.3\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"libmagick++-6.q16-5v5\", pkgver:\"8:6.8.9.9-7ubuntu5.3\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"libmagickcore-6.q16-2\", pkgver:\"8:6.8.9.9-7ubuntu5.3\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"libmagickcore-6.q16-2-extra\", pkgver:\"8:6.8.9.9-7ubuntu5.3\")) flag++;\nif (ubuntu_check(osver:\"16.10\", pkgname:\"imagemagick\", pkgver:\"8:6.8.9.9-7ubuntu8.2\")) flag++;\nif (ubuntu_check(osver:\"16.10\", pkgname:\"imagemagick-6.q16\", pkgver:\"8:6.8.9.9-7ubuntu8.2\")) flag++;\nif (ubuntu_check(osver:\"16.10\", pkgname:\"libmagick++-6.q16-5v5\", pkgver:\"8:6.8.9.9-7ubuntu8.2\")) flag++;\nif (ubuntu_check(osver:\"16.10\", pkgname:\"libmagickcore-6.q16-2\", pkgver:\"8:6.8.9.9-7ubuntu8.2\")) flag++;\nif (ubuntu_check(osver:\"16.10\", pkgname:\"libmagickcore-6.q16-2-extra\", pkgver:\"8:6.8.9.9-7ubuntu8.2\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"imagemagick / imagemagick-6.q16 / libmagick++-6.q16-5v5 / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-20T14:38:29", "description": "Please reference CVE/URL list for details", "cvss3": {}, "published": "2017-05-26T00:00:00", "type": "nessus", "title": "FreeBSD : ImageMagick -- multiple vulnerabilities (50776801-4183-11e7-b291-b499baebfeaf)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-5506", "CVE-2017-5507", "CVE-2017-5508", "CVE-2017-5509", "CVE-2017-5510", "CVE-2017-5511", "CVE-2017-6497", "CVE-2017-6498", "CVE-2017-6499", "CVE-2017-6500", "CVE-2017-6501", "CVE-2017-6502", "CVE-2017-7275", "CVE-2017-7606", "CVE-2017-7619", "CVE-2017-7941", "CVE-2017-7942", "CVE-2017-7943", "CVE-2017-8343", "CVE-2017-8344", "CVE-2017-8345", "CVE-2017-8346", "CVE-2017-8347", "CVE-2017-8348", "CVE-2017-8349", "CVE-2017-8350", "CVE-2017-8351", "CVE-2017-8352", "CVE-2017-8353", "CVE-2017-8354", "CVE-2017-8355", "CVE-2017-8356", "CVE-2017-8357", "CVE-2017-8765", "CVE-2017-8830", "CVE-2017-9141", "CVE-2017-9142", "CVE-2017-9143", "CVE-2017-9144"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:imagemagick", "p-cpe:/a:freebsd:freebsd:imagemagick-nox11", "p-cpe:/a:freebsd:freebsd:imagemagick7", "p-cpe:/a:freebsd:freebsd:imagemagick7-nox11", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_50776801418311E7B291B499BAEBFEAF.NASL", "href": "https://www.tenable.com/plugins/nessus/100441", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2019 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(100441);\n script_version(\"3.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2017-5506\", \"CVE-2017-5507\", \"CVE-2017-5508\", \"CVE-2017-5509\", \"CVE-2017-5510\", \"CVE-2017-5511\", \"CVE-2017-6497\", \"CVE-2017-6498\", \"CVE-2017-6499\", \"CVE-2017-6500\", \"CVE-2017-6501\", \"CVE-2017-6502\", \"CVE-2017-7275\", \"CVE-2017-7606\", \"CVE-2017-7619\", \"CVE-2017-7941\", \"CVE-2017-7942\", \"CVE-2017-7943\", \"CVE-2017-8343\", \"CVE-2017-8344\", \"CVE-2017-8345\", \"CVE-2017-8346\", \"CVE-2017-8347\", \"CVE-2017-8348\", \"CVE-2017-8349\", \"CVE-2017-8350\", \"CVE-2017-8351\", \"CVE-2017-8352\", \"CVE-2017-8353\", \"CVE-2017-8354\", \"CVE-2017-8355\", \"CVE-2017-8356\", \"CVE-2017-8357\", \"CVE-2017-8765\", \"CVE-2017-8830\", \"CVE-2017-9141\", \"CVE-2017-9142\", \"CVE-2017-9143\", \"CVE-2017-9144\");\n\n script_name(english:\"FreeBSD : ImageMagick -- multiple vulnerabilities (50776801-4183-11e7-b291-b499baebfeaf)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\"Please reference CVE/URL list for details\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://nvd.nist.gov/vuln/search/results?query=ImageMagick\"\n );\n # https://vuxml.freebsd.org/freebsd/50776801-4183-11e7-b291-b499baebfeaf.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?d111ba13\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:ImageMagick\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:ImageMagick-nox11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:ImageMagick7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:ImageMagick7-nox11\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/03/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/05/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/05/26\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"ImageMagick<6.9.6.4_2,1\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"ImageMagick>=6.9.7.0,1<6.9.8.8,1\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"ImageMagick-nox11<6.9.6.4_2,1\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"ImageMagick-nox11>=6.9.7.0,1<6.9.8.8,1\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"ImageMagick7<7.0.5.9\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"ImageMagick7-nox11<7.0.5.9\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:29:39", "description": "Several issues have been discovered in ImageMagick, a popular set of programs and libraries for image manipulation. These issues include several problems in memory handling that can result in a denial of service attack or in execution of arbitrary code by an attacker with control on the image input.", "cvss3": {}, "published": "2016-11-28T00:00:00", "type": "nessus", "title": "Debian DSA-3726-1 : imagemagick - security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-7799", "CVE-2016-7906", "CVE-2016-8677", "CVE-2016-8862", "CVE-2016-9556", "CVE-2016-9559"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:imagemagick", "cpe:/o:debian:debian_linux:8.0"], "id": "DEBIAN_DSA-3726.NASL", "href": "https://www.tenable.com/plugins/nessus/95362", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-3726. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(95362);\n script_version(\"3.21\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2016-7799\", \"CVE-2016-7906\", \"CVE-2016-8677\", \"CVE-2016-8862\", \"CVE-2016-9556\", \"CVE-2016-9559\");\n script_xref(name:\"DSA\", value:\"3726\");\n\n script_name(english:\"Debian DSA-3726-1 : imagemagick - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several issues have been discovered in ImageMagick, a popular set of\nprograms and libraries for image manipulation. These issues include\nseveral problems in memory handling that can result in a denial of\nservice attack or in execution of arbitrary code by an attacker with\ncontrol on the image input.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=840437\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=845195\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=845196\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=845198\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=845202\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=845206\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=845212\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=845213\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=845241\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=845242\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=845243\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=845244\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=845246\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=840435\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/jessie/imagemagick\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2016/dsa-3726\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the imagemagick packages.\n\nFor the stable distribution (jessie), these problems have been fixed\nin version 8:6.8.9.9-5+deb8u6.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:imagemagick\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/11/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/11/28\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"8.0\", prefix:\"imagemagick\", reference:\"8:6.8.9.9-5+deb8u6\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"imagemagick-6.q16\", reference:\"8:6.8.9.9-5+deb8u6\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"imagemagick-common\", reference:\"8:6.8.9.9-5+deb8u6\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"imagemagick-dbg\", reference:\"8:6.8.9.9-5+deb8u6\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"imagemagick-doc\", reference:\"8:6.8.9.9-5+deb8u6\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libimage-magick-perl\", reference:\"8:6.8.9.9-5+deb8u6\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libimage-magick-q16-perl\", reference:\"8:6.8.9.9-5+deb8u6\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libmagick++-6-headers\", reference:\"8:6.8.9.9-5+deb8u6\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libmagick++-6.q16-5\", reference:\"8:6.8.9.9-5+deb8u6\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libmagick++-6.q16-dev\", reference:\"8:6.8.9.9-5+deb8u6\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libmagick++-dev\", reference:\"8:6.8.9.9-5+deb8u6\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libmagickcore-6-arch-config\", reference:\"8:6.8.9.9-5+deb8u6\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libmagickcore-6-headers\", reference:\"8:6.8.9.9-5+deb8u6\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libmagickcore-6.q16-2\", reference:\"8:6.8.9.9-5+deb8u6\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libmagickcore-6.q16-2-extra\", reference:\"8:6.8.9.9-5+deb8u6\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libmagickcore-6.q16-dev\", reference:\"8:6.8.9.9-5+deb8u6\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libmagickcore-dev\", reference:\"8:6.8.9.9-5+deb8u6\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libmagickwand-6-headers\", reference:\"8:6.8.9.9-5+deb8u6\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libmagickwand-6.q16-2\", reference:\"8:6.8.9.9-5+deb8u6\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libmagickwand-6.q16-dev\", reference:\"8:6.8.9.9-5+deb8u6\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libmagickwand-dev\", reference:\"8:6.8.9.9-5+deb8u6\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"perlmagick\", reference:\"8:6.8.9.9-5+deb8u6\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:59:11", "description": "According to the versions of the ImageMagick packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - ImageMagick is an image display and manipulation tool for the X Window System. ImageMagick can read and write JPEG, TIFF, PNM, GIF, and Photo CD image formats. It can resize, rotate, sharpen, color reduce, or add special effects to an image, and when finished you can either save the completed work in the original format or a different one. ImageMagick also includes command line programs for creating animated or transparent .gifs, creating composite images, creating thumbnail images, and more. ImageMagick is one of your choices if you need a program to manipulate and display images. If you want to develop your own applications which use ImageMagick code or APIs, you need to install ImageMagick-devel as well.Security Fix(es):The HorizontalFilter function in resize.c in ImageMagick before 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted image file.(CVE-2014-8354)PCX parser code in ImageMagick before 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds read).(CVE-2014-8355)DCM decode in ImageMagick before 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds read).(CVE-2014-8562)The JPEG decoder in ImageMagick before 6.8.9-9 allows local users to cause a denial of service (out-of-bounds memory access and crash).(CVE-2014-8716)Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted xpm file.(CVE-2014-9821)Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted quantum file.(CVE-2014-9822)Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted palm file, a different vulnerability than CVE-2014-9819.(CVE-2014-9823)Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted psd file, a different vulnerability than CVE-2014-9825.(CVE-2014-9824)Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted psd file, a different vulnerability than CVE-2014-9824.(CVE-2014-9825)coders/pnm.c in ImageMagick 6.9.0-1 Beta and earlier allows remote attackers to cause a denial of service (crash) via a crafted png file.(CVE-2014-9837)distribute-cache.c in ImageMagick re-uses objects after they have been destroyed, which allows remote attackers to have unspecified impact via unspecified vectors.(CVE-2014-9852)Memory leak in coders/rle.c in ImageMagick allows remote attackers to cause a denial of service (memory consumption) via a crafted rle file.(CVE-2014-9853)coders/tiff.c in ImageMagick allows remote attackers to cause a denial of service (application crash) via vectors related to the ''identification of image.''(CVE-2014-9854)coders/dds.c in ImageMagick allows remote attackers to cause a denial of service via a crafted DDS file.(CVE-2014-9907)The ReadHDRImage function in coders/hdr.c in ImageMagick 6.x and 7.x allows remote attackers to cause a denial of service (infinite loop) via a crafted HDR file.(CVE-2015-8900)ImageMagick 6.x before 6.9.0-5 Beta allows remote attackers to cause a denial of service (infinite loop) via a crafted MIFF file.(CVE-2015-8901)The ReadBlobByte function in coders/pdb.c in ImageMagick 6.x before 6.9.0-5 Beta allows remote attackers to cause a denial of service (infinite loop) via a crafted PDB file.(CVE-2015-8902)The ReadVICARImage function in coders/vicar.c in ImageMagick 6.x before 6.9.0-5 Beta allows remote attackers to cause a denial of service (infinite loop) via a crafted VICAR file.(CVE-2015-8903)Buffer overflow in ImageMagick before 6.9.0-4 Beta allows remote attackers to cause a denial of service (application crash) via a crafted SUN file.(CVE-2015-8957)coders/sun.c in ImageMagick before 6.9.0-4 Beta allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted SUN file.(CVE-2015-8958)Heap-based buffer overflow in the DrawImage function in magick/draw.c in ImageMagick before 6.9.5-5 allows remote attackers to cause a denial of service (application crash) via a crafted image file.(CVE-2016-10046)Memory leak in the NewXMLTree function in magick/xml-tree.c in ImageMagick before 6.9.4-7 allows remote attackers to cause a denial of service (memory consumption) via a crafted XML file.(CVE-2016-10047)Buffer overflow in the ReadRLEImage function in coders/rle.c in ImageMagick before 6.9.4-4 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted RLE file.(CVE-2016-10049)The WriteTIFFImage function in coders/tiff.c in ImageMagick before 6.9.5-8 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted file.(CVE-2016-10053)Buffer overflow in the WriteMAPImage function in coders/map.c in ImageMagick before 6.9.5-8 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file.(CVE-2016-10054)Buffer overflow in the WritePDBImage function in coders/pdb.c in ImageMagick before 6.9.5-8 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file.(CVE-2016-10055)Buffer overflow in the sixel_decode function in coders/sixel.c in ImageMagick before 6.9.5-8 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file.(CVE-2016-10056)Buffer overflow in the WriteGROUP4Image function in coders/tiff.c in ImageMagick before 6.9.5-8 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file.(CVE-2016-10057)Memory leak in the ReadPSDLayers function in coders/psd.c in ImageMagick before 6.9.6-3 allows remote attackers to cause a denial of service (memory consumption) via a crafted image file.(CVE-2016-10058)Buffer overflow in coders/tiff.c in ImageMagick before 6.9.4-1 allows remote attackers to cause a denial of service (application crash) or have unspecified other impact via a crafted TIFF file.(CVE-2016-10059)The ConcatenateImages function in MagickWand/magick-cli.c in ImageMagick before 7.0.1-10 does not check the return value of the fputc function, which allows remote attackers to cause a denial of service (application crash) via a crafted file.(CVE-2016-10060)The ReadGROUP4Image function in coders/tiff.c in ImageMagick before 7.0.1-10 does not check the return value of the fputc function, which allows remote attackers to cause a denial of service (crash) via a crafted image file.(CVE-2016-10061)The ReadGROUP4Image function in coders/tiff.c in ImageMagick does not check the return value of the fwrite function, which allows remote attackers to cause a denial of service (application crash) via a crafted file.(CVE-2016-10062)Buffer overflow in coders/tiff.c in ImageMagick before 6.9.5-1 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file, related to extend validity.(CVE-2016-10063)Buffer overflow in coders/tiff.c in ImageMagick before 6.9.5-1 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file.(CVE-2016-10064)The ReadVIFFImage function in coders/viff.c in ImageMagick before 7.0.1-0 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file.(CVE-2016-10065)Buffer overflow in the ReadVIFFImage function in coders/viff.c in ImageMagick before 6.9.4-5 allows remote attackers to cause a denial of service (application crash) via a crafted file.(CVE-2016-10066)magick/memory.c in ImageMagick before 6.9.4-5 allows remote attackers to cause a denial of service (application crash) via vectors involving ''too many exceptions,'' which trigger a buffer overflow.(CVE-2016-10067)The MSL interpreter in ImageMagick before 6.9.6-4 allows remote attackers to cause a denial of service (segmentation fault and application crash) via a crafted XML file.(CVE-2016-10068)coders/mat.c in ImageMagick before 6.9.4-5 allows remote attackers to cause a denial of service (application crash) via a mat file with an invalid number of frames.(CVE-2016-10069)Heap-based buffer overflow in the CalcMinMax function in coders/mat.c in ImageMagick before 6.9.4-0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted mat file.(CVE-2016-10070)coders/mat.c in ImageMagick before 6.9.4-0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted mat file.(CVE-2016-10071)coders/ipl.c in ImageMagick allows remote attackers to have unspecific impact by leveraging a missing malloc check.(CVE-2016-10144)Off-by-one error in coders/wpg.c in ImageMagick allows remote attackers to have unspecified impact via vectors related to a string copy.(CVE-2016-10145)Memory leak in the IsOptionMember function in MagickCore/option.c in ImageMagick before 6.9.2-2, as used in ODR-PadEnc and other products, allows attackers to trigger memory consumption.(CVE-2016-10252)The DrawDashPolygon function in MagickCore/draw.c in ImageMagick before 6.9.4-0 and 7.x before 7.0.1-2 mishandles calculations of certain vertices integer data, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted file.(CVE-2016-4562)The TraceStrokePolygon function in MagickCore/draw.c in ImageMagick before 6.9.4-0 and 7.x before 7.0.1-2 mishandles the relationship between the BezierQuantum value and certain strokes data, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted file.(CVE-2016-4563)The DrawImage function in MagickCore/draw.c in ImageMagick before 6.9.4-0 and 7.x before 7.0.1-2 makes an incorrect function call in attempting to locate the next token, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted file.(CVE-2016-4564)The VerticalFilter function in the DDS coder in ImageMagick before 6.9.4-3 and 7.x before 7.0.1-4 allows remote attackers to have unspecified impact via a crafted DDS file, which triggers an out-of-bounds read.(CVE-2016-5687)The WPG parser in ImageMagick before 6.9.4-4 and 7.x before 7.0.1-5, when a memory limit is set, allows remote attackers to have unspecified impact via vectors related to the SetImageExtent return-value check, which trigger (1) a heap-based buffer overflow in the SetPixelIndex function or an invalid write operation in the (2) ScaleCharToQuantum or (3) SetPixelIndex functions.(CVE-2016-5688)The DCM reader in ImageMagick before 6.9.4-5 and 7.x before 7.0.1-7 allows remote attackers to have unspecified impact by leveraging lack of NULL pointer checks.(CVE-2016-5689)The ReadDCMImage function in DCM reader in ImageMagick before 6.9.4-5 and 7.x before 7.0.1-7 allows remote attackers to have unspecified impact via vectors involving the for statement in computing the pixel scaling table.(CVE-2016-5690)The DCM reader in ImageMagick before 6.9.4-5 and 7.x before 7.0.1-7 allows remote attackers to have unspecified impact by leveraging lack of validation of (1) pixel.red, (2) pixel.green, and (3) pixel.blue.(CVE-2016-5691)Buffer overflow in the Get8BIMProperty function in MagickCore/property.c in ImageMagick before 6.9.5-4 and 7.x before 7.0.2-6 allows remote attackers to cause a denial of service (out-of-bounds read, memory leak, and crash) via a crafted image.(CVE-2016-6491)Integer overflow in the BMP coder in ImageMagick before 7.0.2-10 allows remote attackers to cause a denial of service (crash) via crafted height and width values, which triggers an out-of-bounds write.(CVE-2016-6823)The SGI coder in ImageMagick before 7.0.2-10 allows remote attackers to cause a denial of service (out-of-bounds read) via a large row value in an sgi file.(CVE-2016-7101)The ReadRLEImage function in coders/rle.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via vectors related to the number of pixels.(CVE-2016-7515)The ReadVIFFImage function in coders/viff.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted VIFF file.(CVE-2016-7516)The EncodeImage function in coders/pict.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PICT file.(CVE-2016-7517)The ReadSUNImage function in coders/sun.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted SUN file.(CVE-2016-7518)The ReadRLEImage function in coders/rle.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file.(CVE-2016-7519)Heap-based buffer overflow in coders/hdr.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted HDR file.(CVE-2016-7520)Heap-based buffer overflow in coders/psd.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PSD file.(CVE-2016-7525)coders/wpg.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted file.(CVE-2016-7526)The ReadVIFFImage function in coders/viff.c in ImageMagick allows remote attackers to cause a denial of service (segmentation fault) via a crafted VIFF file.(CVE-2016-7528)coders/xcf.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted XCF file.(CVE-2016-7529)The quantum handling code in ImageMagick allows remote attackers to cause a denial of service (divide-by-zero error or out-of-bounds write) via a crafted file.(CVE-2016-7530)MagickCore/memory.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted PDB file.(CVE-2016-7531)The ReadWPGImage function in coders/wpg.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted WPG file.(CVE-2016-7533)The generic decoder in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds access) via a crafted file.(CVE-2016-7534)Memory leak in AcquireVirtualMemory in ImageMagick before 7 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors.(CVE-2016-7539)MagickCore/profile.c in ImageMagick before 7.0.3-2 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file.(CVE-2016-7799)magick/attribute.c in ImageMagick 7.0.3-2 allows remote attackers to cause a denial of service (use-after-free) via a crafted file.(CVE-2016-7906)The AcquireQuantumPixels function in MagickCore/quantum.c in ImageMagick before 7.0.3-1 allows remote attackers to have unspecified impact via a crafted image file, which triggers a memory allocation failure.(CVE-2016-8677)An exploitable out of bounds write exists in the handling of compressed TIFF images in ImageMagicks's convert utility. A crafted TIFF document can lead to an out of bounds write which in particular circumstances could be leveraged into remote code execution. The vulnerability can be triggered through any user controlled TIFF that is handled by this functionality.(CVE-2016-8707)The AcquireMagickMemory function in MagickCore/memory.c in ImageMagick 7.0.3.3 before 7.0.3.8 allows remote attackers to have unspecified impact via a crafted image, which triggers a memory allocation failure.\n NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-8862.(CVE-2016-8866)coders/tiff.c in ImageMagick before 7.0.3.7 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted image.(CVE-2016-9559)The ReadOneDJVUImage function in coders/djvu.c in ImageMagick through 6.9.9-0 and 7.x through 7.0.6-1 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a malformed DJVU image.(CVE-2017-11478)The ReadOneJNGImage function in coders/png.c in ImageMagick through 6.9.9-0 and 7.x through 7.0.6-1 allows remote attackers to cause a denial of service (large loop and CPU consumption) via a malformed JNG file.(CVE-2017-11505)The ReadTXTImage function in coders/txt.c in ImageMagick through 6.9.9-0 and 7.x through 7.0.6-1 allows remote attackers to cause a denial of service (infinite loop) via a crafted file, because the end-of-file condition is not considered.(CVE-2017-11523)The WriteBlob function in MagickCore/blob.c in ImageMagick before 6.9.8-10 and 7.x before 7.6.0-0 allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted file.(CVE-2017-11524)The ReadCINImage function in coders/cin.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1 allows remote attackers to cause a denial of service (memory consumption) via a crafted file.(CVE-2017-11525)The ReadOneMNGImage function in coders/png.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1 allows remote attackers to cause a denial of service (large loop and CPU consumption) via a crafted file.(CVE-2017-11526)The ReadDPXImage function in coders/dpx.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1 allows remote attackers to cause a denial of service (memory consumption) via a crafted file.(CVE-2017-11527)The ReadDIBImage function in coders/dib.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1 allows remote attackers to cause a denial of service (memory leak) via a crafted file.(CVE-2017-11528)The ReadMATImage function in coders/mat.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1 allows remote attackers to cause a denial of service (memory leak) via a crafted file.(CVE-2017-11529)The ReadEPTImage function in coders/ept.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1 allows remote attackers to cause a denial of service (memory consumption) via a crafted file.(CVE-2017-11530)The ProcessMSLScript function in coders/msl.c in ImageMagick before 6.9.9-5 and 7.x before 7.0.6-5 allows remote attackers to cause a denial of service (memory leak) via a crafted file, related to the WriteMSLImage function.(CVE-2017-12427)In ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1, the ReadOneMNGImage function in coders/png.c has an out-of-bounds read with the MNG CLIP chunk.(CVE-2017-13139)In ImageMagick before 6.9.9-1 and 7.x before 7.0.6-2, the ReadOnePNGImage function in coders/png.c allows remote attackers to cause a denial of service (application hang in LockSemaphoreInfo) via a PNG file with a width equal to MAGICK_WIDTH_LIMIT.(CVE-2017-13140)In ImageMagick before 6.9.9-4 and 7.x before 7.0.6-4, a crafted file could trigger a memory leak in ReadOnePNGImage in coders/png.c.(CVE-2017-13141)In ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1, a crafted PNG file could trigger a crash because there was an insufficient check for short files.(CVE-2017-13142)In ImageMagick before 6.9.7-6 and 7.x before 7.0.4-6, the ReadMATImage function in coders/mat.c uses uninitialized data, which might allow remote attackers to obtain sensitive information from process memory.(CVE-2017-13143)In ImageMagick before 6.9.7-10, there is a crash (rather than a ''width or height exceeds limit'' error report) if the image dimensions are too large, as demonstrated by use of the mpc coder.(CVE-2017-13144)In ImageMagick before 6.9.8-8 and 7.x before 7.0.5-9, the ReadJP2Image function in coders/jp2.c does not properly validate the channel geometry, leading to a crash.(CVE-2017-13145)In ImageMagick before 6.9.8-5 and 7.x before 7.0.5-6, there is a memory leak in the ReadMATImage function in coders/mat.c.(CVE-2017-13146)In ImageMagick before 6.9.9-3 and 7.x before 7.0.6-3, there is a missing NULL check in the ReadMATImage function in coders/mat.c, leading to a denial of service (assertion failure and application exit) in the DestroyImageInfo function in MagickCore/image.c.(CVE-2017-13658)ImageMagick before 6.9.9-24 and 7.x before 7.0.7-12 has a use-after-free in Magick::Image::read in Magick++/lib/Image.cpp.(CVE-2017-17499)ImageMagick before 7.0.7-12 has a coders/png.c Magick_png_read_raw_profile heap-based buffer over-read via a crafted file, related to ReadOneMNGImage.(CVE-2017-17504)Memory leak in coders/mpc.c in ImageMagick before 6.9.7-4 and 7.x before 7.0.4-4 allows remote attackers to cause a denial of service (memory consumption) via vectors involving a pixel cache.(CVE-2017-5507)Heap-based buffer overflow in the PushQuantumPixel function in ImageMagick before 6.9.7-3 and 7.x before 7.0.4-3 allows remote attackers to cause a denial of service (application crash) via a crafted TIFF file.(CVE-2017-5508)coders/psd.c in ImageMagick allows remote attackers to have unspecified impact via a crafted PSD file, which triggers an out-of-bounds write.(CVE-2017-5509)coders/psd.c in ImageMagick allows remote attackers to have unspecified impact via a crafted PSD file, which triggers an out-of-bounds write.(CVE-2017-5510)An issue was discovered in ImageMagick 6.9.7. A specially crafted psd file could lead to a NULL pointer dereference (thus, a DoS).(CVE-2017-6497)An issue was discovered in ImageMagick 6.9.7. Incorrect TGA files could trigger assertion failures, thus leading to DoS.(CVE-2017-6498)An issue was discovered in Magick++ in ImageMagick 6.9.7. A specially crafted file creating a nested exception could lead to a memory leak (thus, a DoS).(CVE-2017-6499)An issue was discovered in ImageMagick 6.9.7. A specially crafted sun file triggers a heap-based buffer over-read.(CVE-2017-6500)An issue was discovered in ImageMagick 6.9.7. A specially crafted xcf file could lead to a NULL pointer dereference.(CVE-2017-6501)An issue was discovered in ImageMagick 6.9.7. A specially crafted webp file could lead to a file-descriptor leak in libmagickcore (thus, a DoS).(CVE-2017-6502)The ReadSGIImage function in sgi.c in ImageMagick 7.0.5-4 allows remote attackers to consume an amount of available memory via a crafted file.(CVE-2017-7941)The ReadAVSImage function in avs.c in ImageMagick 7.0.5-4 allows remote attackers to consume an amount of available memory via a crafted file.(CVE-2017-7942)The ReadSVGImage function in svg.c in ImageMagick 7.0.5-4 allows remote attackers to consume an amount of available memory via a crafted file.(CVE-2017-7943)ReadXBMImage in coders/xbm.c in ImageMagick before 7.0.8-9 leaves data uninitialized when processing an XBM file that has a negative pixel value. If the affected code is used as a library loaded into a process that includes sensitive information, that information sometimes can be leaked via the image data.(CVE-2018-16323)In ImageMagick before 7.0.8-8, a NULL pointer dereference exists in the CheckEventLogging function in MagickCore/log.c.(CVE-2018-16328)In coders/bmp.c in ImageMagick before 7.0.8-16, an input file can result in an infinite loop and hang, with high CPU and memory consumption. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted file.(CVE-2018-20467)In the ReadDCMImage function in coders/dcm.c in ImageMagick before 7.0.7-23, each redmap, greenmap, and bluemap variable can be overwritten by a new pointer. The previous pointer is lost, which leads to a memory leak. This allows remote attackers to cause a denial of service.(CVE-2018-6405)ImageMagick before 7.0.8-50 has a memory leak vulnerability in the function ReadBMPImage in coders/bmp.c.(CVE-2019-13133)ImageMagick before 7.0.8-50 has a memory leak vulnerability in the function ReadVIFFImage in coders/viff.c.(CVE-2019-13134)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2020-04-15T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP3 : ImageMagick (EulerOS-SA-2020-1390)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-8354", "CVE-2014-8355", "CVE-2014-8562", "CVE-2014-8716", "CVE-2014-9819", "CVE-2014-9821", "CVE-2014-9822", "CVE-2014-9823", "CVE-2014-9824", "CVE-2014-9825", "CVE-2014-9837", "CVE-2014-9852", "CVE-2014-9853", "CVE-2014-9854", "CVE-2014-9907", "CVE-2015-8900", "CVE-2015-8901", "CVE-2015-8902", "CVE-2015-8903", "CVE-2015-8957", "CVE-2015-8958", "CVE-2016-10046", "CVE-2016-10047", "CVE-2016-10049", "CVE-2016-10053", "CVE-2016-10054", "CVE-2016-10055", "CVE-2016-10056", "CVE-2016-10057", "CVE-2016-10058", "CVE-2016-10059", "CVE-2016-10060", "CVE-2016-10061", "CVE-2016-10062", "CVE-2016-10063", "CVE-2016-10064", "CVE-2016-10065", "CVE-2016-10066", "CVE-2016-10067", "CVE-2016-10068", "CVE-2016-10069", "CVE-2016-10070", "CVE-2016-10071", "CVE-2016-10144", "CVE-2016-10145", "CVE-2016-10252", "CVE-2016-4562", "CVE-2016-4563", "CVE-2016-4564", "CVE-2016-5687", "CVE-2016-5688", "CVE-2016-5689", "CVE-2016-5690", "CVE-2016-5691", "CVE-2016-6491", "CVE-2016-6823", "CVE-2016-7101", "CVE-2016-7515", "CVE-2016-7516", "CVE-2016-7517", "CVE-2016-7518", "CVE-2016-7519", "CVE-2016-7520", "CVE-2016-7525", "CVE-2016-7526", "CVE-2016-7528", "CVE-2016-7529", "CVE-2016-7530", "CVE-2016-7531", "CVE-2016-7533", "CVE-2016-7534", "CVE-2016-7539", "CVE-2016-7799", "CVE-2016-7906", "CVE-2016-8677", "CVE-2016-8707", "CVE-2016-8862", "CVE-2016-8866", "CVE-2016-9559", "CVE-2017-11478", "CVE-2017-11505", "CVE-2017-11523", "CVE-2017-11524", "CVE-2017-11525", "CVE-2017-11526", "CVE-2017-11527", "CVE-2017-11528", "CVE-2017-11529", "CVE-2017-11530", "CVE-2017-12427", "CVE-2017-13139", "CVE-2017-13140", "CVE-2017-13141", "CVE-2017-13142", "CVE-2017-13143", "CVE-2017-13144", "CVE-2017-13145", "CVE-2017-13146", "CVE-2017-13658", "CVE-2017-17499", "CVE-2017-17504", "CVE-2017-5507", "CVE-2017-5508", "CVE-2017-5509", "CVE-2017-5510", "CVE-2017-6497", "CVE-2017-6498", "CVE-2017-6499", "CVE-2017-6500", "CVE-2017-6501", "CVE-2017-6502", "CVE-2017-7941", "CVE-2017-7942", "CVE-2017-7943", "CVE-2018-16323", "CVE-2018-16328", "CVE-2018-20467", "CVE-2018-6405", "CVE-2019-13133", "CVE-2019-13134"], "modified": "2021-02-09T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:imagemagick", "p-cpe:/a:huawei:euleros:imagemagick-c%2b%2b", "p-cpe:/a:huawei:euleros:imagemagick-libs", "p-cpe:/a:huawei:euleros:imagemagick-perl", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2020-1390.NASL", "href": "https://www.tenable.com/plugins/nessus/135519", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(135519);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/02/09\");\n\n script_cve_id(\n \"CVE-2014-8354\",\n \"CVE-2014-8355\",\n \"CVE-2014-8562\",\n \"CVE-2014-8716\",\n \"CVE-2014-9821\",\n \"CVE-2014-9822\",\n \"CVE-2014-9823\",\n \"CVE-2014-9824\",\n \"CVE-2014-9825\",\n \"CVE-2014-9837\",\n \"CVE-2014-9852\",\n \"CVE-2014-9853\",\n \"CVE-2014-9854\",\n \"CVE-2014-9907\",\n \"CVE-2015-8900\",\n \"CVE-2015-8901\",\n \"CVE-2015-8902\",\n \"CVE-2015-8903\",\n \"CVE-2015-8957\",\n \"CVE-2015-8958\",\n \"CVE-2016-10046\",\n \"CVE-2016-10047\",\n \"CVE-2016-10049\",\n \"CVE-2016-10053\",\n \"CVE-2016-10054\",\n \"CVE-2016-10055\",\n \"CVE-2016-10056\",\n \"CVE-2016-10057\",\n \"CVE-2016-10058\",\n \"CVE-2016-10059\",\n \"CVE-2016-10060\",\n \"CVE-2016-10061\",\n \"CVE-2016-10062\",\n \"CVE-2016-10063\",\n \"CVE-2016-10064\",\n \"CVE-2016-10065\",\n \"CVE-2016-10066\",\n \"CVE-2016-10067\",\n \"CVE-2016-10068\",\n \"CVE-2016-10069\",\n \"CVE-2016-10070\",\n \"CVE-2016-10071\",\n \"CVE-2016-10144\",\n \"CVE-2016-10145\",\n \"CVE-2016-10252\",\n \"CVE-2016-4562\",\n \"CVE-2016-4563\",\n \"CVE-2016-4564\",\n \"CVE-2016-5687\",\n \"CVE-2016-5688\",\n \"CVE-2016-5689\",\n \"CVE-2016-5690\",\n \"CVE-2016-5691\",\n \"CVE-2016-6491\",\n \"CVE-2016-6823\",\n \"CVE-2016-7101\",\n \"CVE-2016-7515\",\n \"CVE-2016-7516\",\n \"CVE-2016-7517\",\n \"CVE-2016-7518\",\n \"CVE-2016-7519\",\n \"CVE-2016-7520\",\n \"CVE-2016-7525\",\n \"CVE-2016-7526\",\n \"CVE-2016-7528\",\n \"CVE-2016-7529\",\n \"CVE-2016-7530\",\n \"CVE-2016-7531\",\n \"CVE-2016-7533\",\n \"CVE-2016-7534\",\n \"CVE-2016-7539\",\n \"CVE-2016-7799\",\n \"CVE-2016-7906\",\n \"CVE-2016-8677\",\n \"CVE-2016-8707\",\n \"CVE-2016-8866\",\n \"CVE-2016-9559\",\n \"CVE-2017-11478\",\n \"CVE-2017-11505\",\n \"CVE-2017-11523\",\n \"CVE-2017-11524\",\n \"CVE-2017-11525\",\n \"CVE-2017-11526\",\n \"CVE-2017-11527\",\n \"CVE-2017-11528\",\n \"CVE-2017-11529\",\n \"CVE-2017-11530\",\n \"CVE-2017-12427\",\n \"CVE-2017-13139\",\n \"CVE-2017-13140\",\n \"CVE-2017-13141\",\n \"CVE-2017-13142\",\n \"CVE-2017-13143\",\n \"CVE-2017-13144\",\n \"CVE-2017-13145\",\n \"CVE-2017-13146\",\n \"CVE-2017-13658\",\n \"CVE-2017-17499\",\n \"CVE-2017-17504\",\n \"CVE-2017-5507\",\n \"CVE-2017-5508\",\n \"CVE-2017-5509\",\n \"CVE-2017-5510\",\n \"CVE-2017-6497\",\n \"CVE-2017-6498\",\n \"CVE-2017-6499\",\n \"CVE-2017-6500\",\n \"CVE-2017-6501\",\n \"CVE-2017-6502\",\n \"CVE-2017-7941\",\n \"CVE-2017-7942\",\n \"CVE-2017-7943\",\n \"CVE-2018-16323\",\n \"CVE-2018-16328\",\n \"CVE-2018-20467\",\n \"CVE-2018-6405\",\n \"CVE-2019-13133\",\n \"CVE-2019-13134\"\n );\n script_bugtraq_id(\n 70830,\n 70837,\n 70839,\n 70992\n );\n\n script_name(english:\"EulerOS 2.0 SP3 : ImageMagick (EulerOS-SA-2020-1390)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the ImageMagick packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerabilities :\n\n - ImageMagick is an image display and manipulation tool\n for the X Window System. ImageMagick can read and write\n JPEG, TIFF, PNM, GIF, and Photo CD image formats. It\n can resize, rotate, sharpen, color reduce, or add\n special effects to an image, and when finished you can\n either save the completed work in the original format\n or a different one. ImageMagick also includes command\n line programs for creating animated or transparent\n .gifs, creating composite images, creating thumbnail\n images, and more. ImageMagick is one of your choices if\n you need a program to manipulate and display images. If\n you want to develop your own applications which use\n ImageMagick code or APIs, you need to install\n ImageMagick-devel as well.Security Fix(es):The\n HorizontalFilter function in resize.c in ImageMagick\n before 6.8.9-9 allows remote attackers to cause a\n denial of service (out-of-bounds read) via a crafted\n image file.(CVE-2014-8354)PCX parser code in\n ImageMagick before 6.8.9-9 allows remote attackers to\n cause a denial of service (out-of-bounds\n read).(CVE-2014-8355)DCM decode in ImageMagick before\n 6.8.9-9 allows remote attackers to cause a denial of\n service (out-of-bounds read).(CVE-2014-8562)The JPEG\n decoder in ImageMagick before 6.8.9-9 allows local\n users to cause a denial of service (out-of-bounds\n memory access and crash).(CVE-2014-8716)Heap-based\n buffer overflow in ImageMagick allows remote attackers\n to have unspecified impact via a crafted xpm\n file.(CVE-2014-9821)Heap-based buffer overflow in\n ImageMagick allows remote attackers to have unspecified\n impact via a crafted quantum\n file.(CVE-2014-9822)Heap-based buffer overflow in\n ImageMagick allows remote attackers to have unspecified\n impact via a crafted palm file, a different\n vulnerability than\n CVE-2014-9819.(CVE-2014-9823)Heap-based buffer overflow\n in ImageMagick allows remote attackers to have\n unspecified impact via a crafted psd file, a different\n vulnerability than\n CVE-2014-9825.(CVE-2014-9824)Heap-based buffer overflow\n in ImageMagick allows remote attackers to have\n unspecified impact via a crafted psd file, a different\n vulnerability than\n CVE-2014-9824.(CVE-2014-9825)coders/pnm.c in\n ImageMagick 6.9.0-1 Beta and earlier allows remote\n attackers to cause a denial of service (crash) via a\n crafted png file.(CVE-2014-9837)distribute-cache.c in\n ImageMagick re-uses objects after they have been\n destroyed, which allows remote attackers to have\n unspecified impact via unspecified\n vectors.(CVE-2014-9852)Memory leak in coders/rle.c in\n ImageMagick allows remote attackers to cause a denial\n of service (memory consumption) via a crafted rle\n file.(CVE-2014-9853)coders/tiff.c in ImageMagick allows\n remote attackers to cause a denial of service\n (application crash) via vectors related to the\n ''identification of image.''(CVE-2014-9854)coders/dds.c\n in ImageMagick allows remote attackers to cause a\n denial of service via a crafted DDS\n file.(CVE-2014-9907)The ReadHDRImage function in\n coders/hdr.c in ImageMagick 6.x and 7.x allows remote\n attackers to cause a denial of service (infinite loop)\n via a crafted HDR file.(CVE-2015-8900)ImageMagick 6.x\n before 6.9.0-5 Beta allows remote attackers to cause a\n denial of service (infinite loop) via a crafted MIFF\n file.(CVE-2015-8901)The ReadBlobByte function in\n coders/pdb.c in ImageMagick 6.x before 6.9.0-5 Beta\n allows remote attackers to cause a denial of service\n (infinite loop) via a crafted PDB\n file.(CVE-2015-8902)The ReadVICARImage function in\n coders/vicar.c in ImageMagick 6.x before 6.9.0-5 Beta\n allows remote attackers to cause a denial of service\n (infinite loop) via a crafted VICAR\n file.(CVE-2015-8903)Buffer overflow in ImageMagick\n before 6.9.0-4 Beta allows remote attackers to cause a\n denial of service (application crash) via a crafted SUN\n file.(CVE-2015-8957)coders/sun.c in ImageMagick before\n 6.9.0-4 Beta allows remote attackers to cause a denial\n of service (out-of-bounds read and application crash)\n via a crafted SUN file.(CVE-2015-8958)Heap-based buffer\n overflow in the DrawImage function in magick/draw.c in\n ImageMagick before 6.9.5-5 allows remote attackers to\n cause a denial of service (application crash) via a\n crafted image file.(CVE-2016-10046)Memory leak in the\n NewXMLTree function in magick/xml-tree.c in ImageMagick\n before 6.9.4-7 allows remote attackers to cause a\n denial of service (memory consumption) via a crafted\n XML file.(CVE-2016-10047)Buffer overflow in the\n ReadRLEImage function in coders/rle.c in ImageMagick\n before 6.9.4-4 allows remote attackers to cause a\n denial of service (application crash) or have other\n unspecified impact via a crafted RLE\n file.(CVE-2016-10049)The WriteTIFFImage function in\n coders/tiff.c in ImageMagick before 6.9.5-8 allows\n remote attackers to cause a denial of service\n (divide-by-zero error and application crash) via a\n crafted file.(CVE-2016-10053)Buffer overflow in the\n WriteMAPImage function in coders/map.c in ImageMagick\n before 6.9.5-8 allows remote attackers to cause a\n denial of service (application crash) or have other\n unspecified impact via a crafted\n file.(CVE-2016-10054)Buffer overflow in the\n WritePDBImage function in coders/pdb.c in ImageMagick\n before 6.9.5-8 allows remote attackers to cause a\n denial of service (application crash) or have other\n unspecified impact via a crafted\n file.(CVE-2016-10055)Buffer overflow in the\n sixel_decode function in coders/sixel.c in ImageMagick\n before 6.9.5-8 allows remote attackers to cause a\n denial of service (application crash) or have other\n unspecified impact via a crafted\n file.(CVE-2016-10056)Buffer overflow in the\n WriteGROUP4Image function in coders/tiff.c in\n ImageMagick before 6.9.5-8 allows remote attackers to\n cause a denial of service (application crash) or have\n other unspecified impact via a crafted\n file.(CVE-2016-10057)Memory leak in the ReadPSDLayers\n function in coders/psd.c in ImageMagick before 6.9.6-3\n allows remote attackers to cause a denial of service\n (memory consumption) via a crafted image\n file.(CVE-2016-10058)Buffer overflow in coders/tiff.c\n in ImageMagick before 6.9.4-1 allows remote attackers\n to cause a denial of service (application crash) or\n have unspecified other impact via a crafted TIFF\n file.(CVE-2016-10059)The ConcatenateImages function in\n MagickWand/magick-cli.c in ImageMagick before 7.0.1-10\n does not check the return value of the fputc function,\n which allows remote attackers to cause a denial of\n service (application crash) via a crafted\n file.(CVE-2016-10060)The ReadGROUP4Image function in\n coders/tiff.c in ImageMagick before 7.0.1-10 does not\n check the return value of the fputc function, which\n allows remote attackers to cause a denial of service\n (crash) via a crafted image file.(CVE-2016-10061)The\n ReadGROUP4Image function in coders/tiff.c in\n ImageMagick does not check the return value of the\n fwrite function, which allows remote attackers to cause\n a denial of service (application crash) via a crafted\n file.(CVE-2016-10062)Buffer overflow in coders/tiff.c\n in ImageMagick before 6.9.5-1 allows remote attackers\n to cause a denial of service (application crash) or\n have other unspecified impact via a crafted file,\n related to extend validity.(CVE-2016-10063)Buffer\n overflow in coders/tiff.c in ImageMagick before 6.9.5-1\n allows remote attackers to cause a denial of service\n (application crash) or have other unspecified impact\n via a crafted file.(CVE-2016-10064)The ReadVIFFImage\n function in coders/viff.c in ImageMagick before 7.0.1-0\n allows remote attackers to cause a denial of service\n (application crash) or have other unspecified impact\n via a crafted file.(CVE-2016-10065)Buffer overflow in\n the ReadVIFFImage function in coders/viff.c in\n ImageMagick before 6.9.4-5 allows remote attackers to\n cause a denial of service (application crash) via a\n crafted file.(CVE-2016-10066)magick/memory.c in\n ImageMagick before 6.9.4-5 allows remote attackers to\n cause a denial of service (application crash) via\n vectors involving ''too many exceptions,'' which\n trigger a buffer overflow.(CVE-2016-10067)The MSL\n interpreter in ImageMagick before 6.9.6-4 allows remote\n attackers to cause a denial of service (segmentation\n fault and application crash) via a crafted XML\n file.(CVE-2016-10068)coders/mat.c in ImageMagick before\n 6.9.4-5 allows remote attackers to cause a denial of\n service (application crash) via a mat file with an\n invalid number of frames.(CVE-2016-10069)Heap-based\n buffer overflow in the CalcMinMax function in\n coders/mat.c in ImageMagick before 6.9.4-0 allows\n remote attackers to cause a denial of service\n (out-of-bounds read and application crash) via a\n crafted mat file.(CVE-2016-10070)coders/mat.c in\n ImageMagick before 6.9.4-0 allows remote attackers to\n cause a denial of service (out-of-bounds read and\n application crash) via a crafted mat\n file.(CVE-2016-10071)coders/ipl.c in ImageMagick allows\n remote attackers to have unspecific impact by\n leveraging a missing malloc\n check.(CVE-2016-10144)Off-by-one error in coders/wpg.c\n in ImageMagick allows remote attackers to have\n unspecified impact via vectors related to a string\n copy.(CVE-2016-10145)Memory leak in the IsOptionMember\n function in MagickCore/option.c in ImageMagick before\n 6.9.2-2, as used in ODR-PadEnc and other products,\n allows attackers to trigger memory\n consumption.(CVE-2016-10252)The DrawDashPolygon\n function in MagickCore/draw.c in ImageMagick before\n 6.9.4-0 and 7.x before 7.0.1-2 mishandles calculations\n of certain vertices integer data, which allows remote\n attackers to cause a denial of service (buffer overflow\n and application crash) or possibly have unspecified\n other impact via a crafted file.(CVE-2016-4562)The\n TraceStrokePolygon function in MagickCore/draw.c in\n ImageMagick before 6.9.4-0 and 7.x before 7.0.1-2\n mishandles the relationship between the BezierQuantum\n value and certain strokes data, which allows remote\n attackers to cause a denial of service (buffer overflow\n and application crash) or possibly have unspecified\n other impact via a crafted file.(CVE-2016-4563)The\n DrawImage function in MagickCore/draw.c in ImageMagick\n before 6.9.4-0 and 7.x before 7.0.1-2 makes an\n incorrect function call in attempting to locate the\n next token, which allows remote attackers to cause a\n denial of service (buffer overflow and application\n crash) or possibly have unspecified other impact via a\n crafted file.(CVE-2016-4564)The VerticalFilter function\n in the DDS coder in ImageMagick before 6.9.4-3 and 7.x\n before 7.0.1-4 allows remote attackers to have\n unspecified impact via a crafted DDS file, which\n triggers an out-of-bounds read.(CVE-2016-5687)The WPG\n parser in ImageMagick before 6.9.4-4 and 7.x before\n 7.0.1-5, when a memory limit is set, allows remote\n attackers to have unspecified impact via vectors\n related to the SetImageExtent return-value check, which\n trigger (1) a heap-based buffer overflow in the\n SetPixelIndex function or an invalid write operation in\n the (2) ScaleCharToQuantum or (3) SetPixelIndex\n functions.(CVE-2016-5688)The DCM reader in ImageMagick\n before 6.9.4-5 and 7.x before 7.0.1-7 allows remote\n attackers to have unspecified impact by leveraging lack\n of NULL pointer checks.(CVE-2016-5689)The ReadDCMImage\n function in DCM reader in ImageMagick before 6.9.4-5\n and 7.x before 7.0.1-7 allows remote attackers to have\n unspecified impact via vectors involving the for\n statement in computing the pixel scaling\n table.(CVE-2016-5690)The DCM reader in ImageMagick\n before 6.9.4-5 and 7.x before 7.0.1-7 allows remote\n attackers to have unspecified impact by leveraging lack\n of validation of (1) pixel.red, (2) pixel.green, and\n (3) pixel.blue.(CVE-2016-5691)Buffer overflow in the\n Get8BIMProperty function in MagickCore/property.c in\n ImageMagick before 6.9.5-4 and 7.x before 7.0.2-6\n allows remote attackers to cause a denial of service\n (out-of-bounds read, memory leak, and crash) via a\n crafted image.(CVE-2016-6491)Integer overflow in the\n BMP coder in ImageMagick before 7.0.2-10 allows remote\n attackers to cause a denial of service (crash) via\n crafted height and width values, which triggers an\n out-of-bounds write.(CVE-2016-6823)The SGI coder in\n ImageMagick before 7.0.2-10 allows remote attackers to\n cause a denial of service (out-of-bounds read) via a\n large row value in an sgi file.(CVE-2016-7101)The\n ReadRLEImage function in coders/rle.c in ImageMagick\n allows remote attackers to cause a denial of service\n (out-of-bounds read) via vectors related to the number\n of pixels.(CVE-2016-7515)The ReadVIFFImage function in\n coders/viff.c in ImageMagick allows remote attackers to\n cause a denial of service (out-of-bounds read) via a\n crafted VIFF file.(CVE-2016-7516)The EncodeImage\n function in coders/pict.c in ImageMagick allows remote\n attackers to cause a denial of service (out-of-bounds\n read) via a crafted PICT file.(CVE-2016-7517)The\n ReadSUNImage function in coders/sun.c in ImageMagick\n allows remote attackers to cause a denial of service\n (out-of-bounds read) via a crafted SUN\n file.(CVE-2016-7518)The ReadRLEImage function in\n coders/rle.c in ImageMagick allows remote attackers to\n cause a denial of service (out-of-bounds read) via a\n crafted file.(CVE-2016-7519)Heap-based buffer overflow\n in coders/hdr.c in ImageMagick allows remote attackers\n to cause a denial of service (out-of-bounds read) via a\n crafted HDR file.(CVE-2016-7520)Heap-based buffer\n overflow in coders/psd.c in ImageMagick allows remote\n attackers to cause a denial of service (out-of-bounds\n read) via a crafted PSD\n file.(CVE-2016-7525)coders/wpg.c in ImageMagick allows\n remote attackers to cause a denial of service\n (out-of-bounds write) via a crafted\n file.(CVE-2016-7526)The ReadVIFFImage function in\n coders/viff.c in ImageMagick allows remote attackers to\n cause a denial of service (segmentation fault) via a\n crafted VIFF file.(CVE-2016-7528)coders/xcf.c in\n ImageMagick allows remote attackers to cause a denial\n of service (out-of-bounds read) via a crafted XCF\n file.(CVE-2016-7529)The quantum handling code in\n ImageMagick allows remote attackers to cause a denial\n of service (divide-by-zero error or out-of-bounds\n write) via a crafted\n file.(CVE-2016-7530)MagickCore/memory.c in ImageMagick\n allows remote attackers to cause a denial of service\n (out-of-bounds write) via a crafted PDB\n file.(CVE-2016-7531)The ReadWPGImage function in\n coders/wpg.c in ImageMagick allows remote attackers to\n cause a denial of service (out-of-bounds read) via a\n crafted WPG file.(CVE-2016-7533)The generic decoder in\n ImageMagick allows remote attackers to cause a denial\n of service (out-of-bounds access) via a crafted\n file.(CVE-2016-7534)Memory leak in AcquireVirtualMemory\n in ImageMagick before 7 allows remote attackers to\n cause a denial of service (memory consumption) via\n unspecified vectors.(CVE-2016-7539)MagickCore/profile.c\n in ImageMagick before 7.0.3-2 allows remote attackers\n to cause a denial of service (out-of-bounds read) via a\n crafted file.(CVE-2016-7799)magick/attribute.c in\n ImageMagick 7.0.3-2 allows remote attackers to cause a\n denial of service (use-after-free) via a crafted\n file.(CVE-2016-7906)The AcquireQuantumPixels function\n in MagickCore/quantum.c in ImageMagick before 7.0.3-1\n allows remote attackers to have unspecified impact via\n a crafted image file, which triggers a memory\n allocation failure.(CVE-2016-8677)An exploitable out of\n bounds write exists in the handling of compressed TIFF\n images in ImageMagicks's convert utility. A crafted\n TIFF document can lead to an out of bounds write which\n in particular circumstances could be leveraged into\n remote code execution. The vulnerability can be\n triggered through any user controlled TIFF that is\n handled by this functionality.(CVE-2016-8707)The\n AcquireMagickMemory function in MagickCore/memory.c in\n ImageMagick 7.0.3.3 before 7.0.3.8 allows remote\n attackers to have unspecified impact via a crafted\n image, which triggers a memory allocation failure.\n NOTE: this vulnerability exists because of an\n incomplete fix for\n CVE-2016-8862.(CVE-2016-8866)coders/tiff.c in\n ImageMagick before 7.0.3.7 allows remote attackers to\n cause a denial of service (NULL pointer dereference and\n crash) via a crafted image.(CVE-2016-9559)The\n ReadOneDJVUImage function in coders/djvu.c in\n ImageMagick through 6.9.9-0 and 7.x through 7.0.6-1\n allows remote attackers to cause a denial of service\n (infinite loop and CPU consumption) via a malformed\n DJVU image.(CVE-2017-11478)The ReadOneJNGImage function\n in coders/png.c in ImageMagick through 6.9.9-0 and 7.x\n through 7.0.6-1 allows remote attackers to cause a\n denial of service (large loop and CPU consumption) via\n a malformed JNG file.(CVE-2017-11505)The ReadTXTImage\n function in coders/txt.c in ImageMagick through 6.9.9-0\n and 7.x through 7.0.6-1 allows remote attackers to\n cause a denial of service (infinite loop) via a crafted\n file, because the end-of-file condition is not\n considered.(CVE-2017-11523)The WriteBlob function in\n MagickCore/blob.c in ImageMagick before 6.9.8-10 and\n 7.x before 7.6.0-0 allows remote attackers to cause a\n denial of service (assertion failure and application\n exit) via a crafted file.(CVE-2017-11524)The\n ReadCINImage function in coders/cin.c in ImageMagick\n before 6.9.9-0 and 7.x before 7.0.6-1 allows remote\n attackers to cause a denial of service (memory\n consumption) via a crafted file.(CVE-2017-11525)The\n ReadOneMNGImage function in coders/png.c in ImageMagick\n before 6.9.9-0 and 7.x before 7.0.6-1 allows remote\n attackers to cause a denial of service (large loop and\n CPU consumption) via a crafted file.(CVE-2017-11526)The\n ReadDPXImage function in coders/dpx.c in ImageMagick\n before 6.9.9-0 and 7.x before 7.0.6-1 allows remote\n attackers to cause a denial of service (memory\n consumption) via a crafted file.(CVE-2017-11527)The\n ReadDIBImage function in coders/dib.c in ImageMagick\n before 6.9.9-0 and 7.x before 7.0.6-1 allows remote\n attackers to cause a denial of service (memory leak)\n via a crafted file.(CVE-2017-11528)The ReadMATImage\n function in coders/mat.c in ImageMagick before 6.9.9-0\n and 7.x before 7.0.6-1 allows remote attackers to cause\n a denial of service (memory leak) via a crafted\n file.(CVE-2017-11529)The ReadEPTImage function in\n coders/ept.c in ImageMagick before 6.9.9-0 and 7.x\n before 7.0.6-1 allows remote attackers to cause a\n denial of service (memory consumption) via a crafted\n file.(CVE-2017-11530)The ProcessMSLScript function in\n coders/msl.c in ImageMagick before 6.9.9-5 and 7.x\n before 7.0.6-5 allows remote attackers to cause a\n denial of service (memory leak) via a crafted file,\n related to the WriteMSLImage\n function.(CVE-2017-12427)In ImageMagick before 6.9.9-0\n and 7.x before 7.0.6-1, the ReadOneMNGImage function in\n coders/png.c has an out-of-bounds read with the MNG\n CLIP chunk.(CVE-2017-13139)In ImageMagick before\n 6.9.9-1 and 7.x before 7.0.6-2, the ReadOnePNGImage\n function in coders/png.c allows remote attackers to\n cause a denial of service (application hang in\n LockSemaphoreInfo) via a PNG file with a width equal to\n MAGICK_WIDTH_LIMIT.(CVE-2017-13140)In ImageMagick\n before 6.9.9-4 and 7.x before 7.0.6-4, a crafted file\n could trigger a memory leak in ReadOnePNGImage in\n coders/png.c.(CVE-2017-13141)In ImageMagick before\n 6.9.9-0 and 7.x before 7.0.6-1, a crafted PNG file\n could trigger a crash because there was an insufficient\n check for short files.(CVE-2017-13142)In ImageMagick\n before 6.9.7-6 and 7.x before 7.0.4-6, the ReadMATImage\n function in coders/mat.c uses uninitialized data, which\n might allow remote attackers to obtain sensitive\n information from process memory.(CVE-2017-13143)In\n ImageMagick before 6.9.7-10, there is a crash (rather\n than a ''width or height exceeds limit'' error report)\n if the image dimensions are too large, as demonstrated\n by use of the mpc coder.(CVE-2017-13144)In ImageMagick\n before 6.9.8-8 and 7.x before 7.0.5-9, the ReadJP2Image\n function in coders/jp2.c does not properly validate the\n channel geometry, leading to a crash.(CVE-2017-13145)In\n ImageMagick before 6.9.8-5 and 7.x before 7.0.5-6,\n there is a memory leak in the ReadMATImage function in\n coders/mat.c.(CVE-2017-13146)In ImageMagick before\n 6.9.9-3 and 7.x before 7.0.6-3, there is a missing NULL\n check in the ReadMATImage function in coders/mat.c,\n leading to a denial of service (assertion failure and\n application exit) in the DestroyImageInfo function in\n MagickCore/image.c.(CVE-2017-13658)ImageMagick before\n 6.9.9-24 and 7.x before 7.0.7-12 has a use-after-free\n in Magick::Image::read in\n Magick++/lib/Image.cpp.(CVE-2017-17499)ImageMagick\n before 7.0.7-12 has a coders/png.c\n Magick_png_read_raw_profile heap-based buffer over-read\n via a crafted file, related to\n ReadOneMNGImage.(CVE-2017-17504)Memory leak in\n coders/mpc.c in ImageMagick before 6.9.7-4 and 7.x\n before 7.0.4-4 allows remote attackers to cause a\n denial of service (memory consumption) via vectors\n involving a pixel cache.(CVE-2017-5507)Heap-based\n buffer overflow in the PushQuantumPixel function in\n ImageMagick before 6.9.7-3 and 7.x before 7.0.4-3\n allows remote attackers to cause a denial of service\n (application crash) via a crafted TIFF\n file.(CVE-2017-5508)coders/psd.c in ImageMagick allows\n remote attackers to have unspecified impact via a\n crafted PSD file, which triggers an out-of-bounds\n write.(CVE-2017-5509)coders/psd.c in ImageMagick allows\n remote attackers to have unspecified impact via a\n crafted PSD file, which triggers an out-of-bounds\n write.(CVE-2017-5510)An issue was discovered in\n ImageMagick 6.9.7. A specially crafted psd file could\n lead to a NULL pointer dereference (thus, a\n DoS).(CVE-2017-6497)An issue was discovered in\n ImageMagick 6.9.7. Incorrect TGA files could trigger\n assertion failures, thus leading to\n DoS.(CVE-2017-6498)An issue was discovered in Magick++\n in ImageMagick 6.9.7. A specially crafted file creating\n a nested exception could lead to a memory leak (thus, a\n DoS).(CVE-2017-6499)An issue was discovered in\n ImageMagick 6.9.7. A specially crafted sun file\n triggers a heap-based buffer\n over-read.(CVE-2017-6500)An issue was discovered in\n ImageMagick 6.9.7. A specially crafted xcf file could\n lead to a NULL pointer dereference.(CVE-2017-6501)An\n issue was discovered in ImageMagick 6.9.7. A specially\n crafted webp file could lead to a file-descriptor leak\n in libmagickcore (thus, a DoS).(CVE-2017-6502)The\n ReadSGIImage function in sgi.c in ImageMagick 7.0.5-4\n allows remote attackers to consume an amount of\n available memory via a crafted file.(CVE-2017-7941)The\n ReadAVSImage function in avs.c in ImageMagick 7.0.5-4\n allows remote attackers to consume an amount of\n available memory via a crafted file.(CVE-2017-7942)The\n ReadSVGImage function in svg.c in ImageMagick 7.0.5-4\n allows remote attackers to consume an amount of\n available memory via a crafted\n file.(CVE-2017-7943)ReadXBMImage in coders/xbm.c in\n ImageMagick before 7.0.8-9 leaves data uninitialized\n when processing an XBM file that has a negative pixel\n value. If the affected code is used as a library loaded\n into a process that includes sensitive information,\n that information sometimes can be leaked via the image\n data.(CVE-2018-16323)In ImageMagick before 7.0.8-8, a\n NULL pointer dereference exists in the\n CheckEventLogging function in\n MagickCore/log.c.(CVE-2018-16328)In coders/bmp.c in\n ImageMagick before 7.0.8-16, an input file can result\n in an infinite loop and hang, with high CPU and memory\n consumption. Remote attackers could leverage this\n vulnerability to cause a denial of service via a\n crafted file.(CVE-2018-20467)In the ReadDCMImage\n function in coders/dcm.c in ImageMagick before\n 7.0.7-23, each redmap, greenmap, and bluemap variable\n can be overwritten by a new pointer. The previous\n pointer is lost, which leads to a memory leak. This\n allows remote attackers to cause a denial of\n service.(CVE-2018-6405)ImageMagick before 7.0.8-50 has\n a memory leak vulnerability in the function\n ReadBMPImage in\n coders/bmp.c.(CVE-2019-13133)ImageMagick before\n 7.0.8-50 has a memory leak vulnerability in the\n function ReadVIFFImage in\n coders/viff.c.(CVE-2019-13134)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1390\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?87d1a530\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected ImageMagick packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-16328\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/04/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/04/15\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ImageMagick\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ImageMagick-c++\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ImageMagick-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ImageMagick-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(3)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP3\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP3\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"ImageMagick-6.9.9.38-1.h6\",\n \"ImageMagick-c++-6.9.9.38-1.h6\",\n \"ImageMagick-libs-6.9.9.38-1.h6\",\n \"ImageMagick-perl-6.9.9.38-1.h6\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"3\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ImageMagick\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:32:56", "description": "According to the versions of the ImageMagick packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - ImageMagick is an image display and manipulation tool for the X Window System. ImageMagick can read and write JPEG, TIFF, PNM, GIF,and Photo CD image formats. It can resize, rotate, sharpen, color reduce, or add special effects to an image, and when finished you can either save the completed work in the original format or a different one. ImageMagick also includes command line programs for creating animated or transparent .gifs, creating composite images, creating thumbnail images, and more.ImageMagick is one of your choices if you need a program to manipulate and display images. If you want to develop your own applications which use ImageMagick code or APIs, you need to install ImageMagick-devel as well.Security Fix(es):In ImageMagick before 7.0.8-25, some memory leaks exist in DecodeImage in coders/pcd.c.(CVE-2019-7175)ReadXBMImage in coders/xbm.c in ImageMagick before 7.0.8-9 leaves data uninitialized when processing an XBM file that has a negative pixel value. If the affected code is used as a library loaded into a process that includes sensitive information, that information sometimes can be leaked via the image data.(CVE-2018-16323)In ImageMagick before 7.0.8-8, a NULL pointer dereference exists in the CheckEventLogging function in MagickCore/log.c.(CVE-2018-16328)The DrawDashPolygon function in MagickCore/draw.c in ImageMagick before 6.9.4-0 and 7.x before 7.0.1-2 mishandles calculations of certain vertices integer data, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted file.(CVE-2016-4562)The TraceStrokePolygon function in MagickCore/draw.c in ImageMagick before 6.9.4-0 and 7.x before 7.0.1-2 mishandles the relationship between the BezierQuantum value and certain strokes data, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted file.(CVE-2016-4563)The DrawImage function in MagickCore/draw.c in ImageMagick before 6.9.4-0 and 7.x before 7.0.1-2 makes an incorrect function call in attempting to locate the next token, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted file.(CVE-2016-4564 )The ReadCINImage function in coders/cin.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1 allows remote attackers to cause a denial of service (memory consumption) via a crafted file.(CVE-2017-11525)In coders/bmp.c in ImageMagick before 7.0.8-16, an input file can result in an infinite loop and hang, with high CPU and memory consumption. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted file.(CVE-2018-20467)coders/pnm.c in ImageMagick 6.9.0-1 Beta and earlier allows remote attackers to cause a denial of service (crash) via a crafted png file.(CVE-2014-9837)coders/sun.c in ImageMagick before 6.9.0-4 Beta allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted SUN file.(CVE-2015-8958)Memory leak in the ReadPSDLayers function in coders/psd.c in ImageMagick before 6.9.6-3 allows remote attackers to cause a denial of service (memory consumption) via a crafted image file.(CVE-2016-10058)The MSL interpreter in ImageMagick before 6.9.6-4 allows remote attackers to cause a denial of service (segmentation fault and application crash) via a crafted XML file.(CVE-2016-10068)The ReadDCMImage function in DCM reader in ImageMagick before 6.9.4-5 and 7.x before 7.0.1-7 allows remote attackers to have unspecified impact via vectors involving the for statement in computing the pixel scaling table.(CVE-2016-5690)Heap-based buffer overflow in coders/hdr.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted HDR file.(CVE-2016-7520)MagickCore/profile.c in ImageMagick before 7.0.3-2 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file.(CVE-2016-7799)The ReadOneMNGImage function in coders/png.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1 allows remote attackers to cause a denial of service (large loop and CPU consumption) via a crafted file.(CVE-2017-11526)In ImageMagick before 6.9.7-6 and 7.x before 7.0.4-6, the ReadMATImage function in coders/mat.c uses uninitialized data, which might allow remote attackers to obtain sensitive information from process memory.(CVE-2017-13143)coders/psd.c in ImageMagick allows remote attackers to have unspecified impact via a crafted PSD file, which triggers an out-of-bounds write.(CVE-2017-5510)In the ReadDCMImage function in coders/dcm.c in ImageMagick before 7.0.7-23, each redmap, greenmap, and bluemap variable can be overwritten by a new pointer. The previous pointer is lost, which leads to a memory leak. This allows remote attackers to cause a denial of service.(CVE-2018-6405)Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted psd file, a different vulnerability than CVE-2014-9824.(CVE-2014-9825)Buffer overflow in ImageMagick before 6.9.0-4 Beta allows remote attackers to cause a denial of service (application crash) via a crafted SUN file.(CVE-2015-8957)Buffer overflow in the WriteGROUP4Image function in coders/tiff.c in ImageMagick before 6.9.5-8 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file.(CVE-2016-10057)magick/memory.c in ImageMagick before 6.9.4-5 allows remote attackers to cause a denial of service (application crash) via vectors involving 'too many exceptions,' which trigger a buffer overflow.(CVE-2016-10067)The DCM reader in ImageMagick before 6.9.4-5 and 7.x before 7.0.1-7 allows remote attackers to have unspecified impact by leveraging lack of NULL pointer checks.(CVE-2016-5689)The ReadRLEImage function in coders/rle.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file.(CVE-2016-7519)Memory leak in AcquireVirtualMemory in ImageMagick before 7 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors.(CVE-2016-7539)The WriteBlob function in MagickCore/blob.c in ImageMagick before 6.9.8-10 and 7.x before 7.6.0-0 allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted file.(CVE-2017-11524)In ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1, a crafted PNG file could trigger a crash because there was an insufficient check for short files.(CVE-2017-13142)coders/psd.c in ImageMagick allows remote attackers to have unspecified impact via a crafted PSD file, which triggers an out-of-bounds write.(CVE-2017-5509)The ReadSVGImage function in svg.c in ImageMagick 7.0.5-4 allows remote attackers to consume an amount of available memory via a crafted file.(CVE-2017-7943)Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted psd file, a different vulnerability than CVE-2014-9825.(CVE-2014-9824)The ReadVICARImage function in coders/vicar.c in ImageMagick 6.x before 6.9.0-5 Beta allows remote attackers to cause a denial of service (infinite loop) via a crafted VICAR file.(CVE-2015-8903)Buffer overflow in the sixel_decode function in coders/sixel.c in ImageMagick before 6.9.5-8 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file.(CVE-2016-10056)Buffer overflow in the ReadVIFFImage function in coders/viff.c in ImageMagick before 6.9.4-5 allows remote attackers to cause a denial of service (application crash) via a crafted file.(CVE-2016-10066)The WPG parser in ImageMagick before 6.9.4-4 and 7.x before 7.0.1-5, when a memory limit is set, allows remote attackers to have unspecified impact via vectors related to the SetImageExtent return-value check, which trigger (1) a heap-based buffer overflow in the SetPixelIndex function or an invalid write operation in the (2) ScaleCharToQuantum or (3) SetPixelIndex functions.(CVE-2016-5688)The ReadSUNImage function in coders/sun.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted SUN file.(CVE-2016-7518)The generic decoder in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds access) via a crafted file.(CVE-2016-7534)The ReadTXTImage function in coders/txt.c in ImageMagick through 6.9.9-0 and 7.x through 7.0.6-1 allows remote attackers to cause a denial of service (infinite loop) via a crafted file, because the end-of-file condition is not considered.(CVE-2017-11523)In ImageMagick before 6.9.9-4 and 7.x before 7.0.6-4, a crafted file could trigger a memory leak in ReadOnePNGImage in coders/png.c.(CVE-2017-13141)Heap-based buffer overflow in the PushQuantumPixel function in ImageMagick before 6.9.7-3 and 7.x before 7.0.4-3 allows remote attackers to cause a denial of service (application crash) via a crafted TIFF file.(CVE-2017-5508)The ReadAVSImage function in avs.c in ImageMagick 7.0.5-4 allows remote attackers to consume an amount of available memory via a crafted file.(CVE-2017-7942)Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted palm file, a different vulnerability than CVE-2014-9819.(CVE-2014-9823)The ReadBlobByte function in coders/pdb.c in ImageMagick 6.x before 6.9.0-5 Beta allows remote attackers to cause a denial of service (infinite loop) via a crafted PDB file.(CVE-2015-8902)Buffer overflow in the WritePDBImage function in coders/pdb.c in ImageMagick before 6.9.5-8 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file.(CVE-2016-10055)The ReadVIFFImage function in coders/viff.c in ImageMagick before 7.0.1-0 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file.(CVE-2016-10065)The VerticalFilter function in the DDS coder in ImageMagick before 6.9.4-3 and 7.x before 7.0.1-4 allows remote attackers to have unspecified impact via a crafted DDS file, which triggers an out-of-bounds read.(CVE-2016-5687)The EncodeImage function in coders/pict.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PICT file.(CVE-2016-7517)The ReadWPGImage function in coders/wpg.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted WPG file.(CVE-2016-7533)The ReadOneJNGImage function in coders/png.c in ImageMagick through 6.9.9-0 and 7.x through 7.0.6-1 allows remote attackers to cause a denial of service (large loop and CPU consumption) via a malformed JNG file.(CVE-2017-11505)In ImageMagick before 6.9.9-1 and 7.x before 7.0.6-2, the ReadOnePNGImage function in coders/png.c allows remote attackers to cause a denial of service (application hang in LockSemaphoreInfo) via a PNG file with a width equal to MAGICK_WIDTH_LIMIT.(CVE-2017-13140)Memory leak in coders/mpc.c in ImageMagick before 6.9.7-4 and 7.x before 7.0.4-4 allows remote attackers to cause a denial of service (memory consumption) via vectors involving a pixel cache.(CVE-2017-5507)The ReadSGIImage function in sgi.c in ImageMagick 7.0.5-4 allows remote attackers to consume an amount of available memory via a crafted file.(CVE-2017-7941)Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted quantum file.(CVE-2014-9822)ImageMagick 6.x before 6.9.0-5 Beta allows remote attackers to cause a denial of service (infinite loop) via a crafted MIFF file.(CVE-2015-8901)Buffer overflow in the WriteMAPImage function in coders/map.c in ImageMagick before 6.9.5-8 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file.(CVE-2016-10054)Buffer overflow in coders/tiff.c in ImageMagick before 6.9.5-1 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file.(CVE-2016-10064)Memory leak in the IsOptionMember function in MagickCore/option.c in ImageMagick before 6.9.2-2, as used in ODR-PadEnc and other products, allows attackers to trigger memory consumption.(CVE-2016-10252)The ReadVIFFImage function in coders/viff.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted VIFF file.(CVE-2016-7516)MagickCore/memory.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted PDB file.(CVE-2016-7531)The ReadOneDJVUImage function in coders/djvu.c in ImageMagick through 6.9.9-0 and 7.x through 7.0.6-1 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a malformed DJVU image.(CVE-2017-11478)In ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1, the ReadOneMNGImage function in coders/png.c has an out-of-bounds read with the MNG CLIP chunk.(CVE-2017-13139)ImageMagick before 7.0.7-12 has a coders/png.c Magick_png_read_raw_profile heap-based buffer over-read via a crafted file, related to ReadOneMNGImage.(CVE-2017-17504)An issue was discovered in ImageMagick 6.9.7. A specially crafted webp file could lead to a file-descriptor leak in libmagickcore (thus, a DoS).(CVE-2017-6502)Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted xpm file.(CVE-2014-9821)The ReadHDRImage function in coders/hdr.c in ImageMagick 6.x and 7.x allows remote attackers to cause a denial of service (infinite loop) via a crafted HDR file.(CVE-2015-8900)The WriteTIFFImage function in coders/tiff.c in ImageMagick before 6.9.5-8 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted file.(CVE-2016-10053)Buffer overflow in coders/tiff.c in ImageMagick before 6.9.5-1 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file, related to extend validity.(CVE-2016-10063)Off-by-one error in coders/wpg.c in ImageMagick allows remote attackers to have unspecified impact via vectors related to a string copy.(CVE-2016-10145)The ReadRLEImage function in coders/rle.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via vectors related to the number of pixels.(CVE-2016-7515)The quantum handling code in ImageMagick allows remote attackers to cause a denial of service (divide-by-zero error or out-of-bounds write) via a crafted file.(CVE-2016-7530)coders/tiff.c in ImageMagick before 7.0.3.7 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted image.(CVE-2016-9559)The ProcessMSLScript function in coders/msl.c in ImageMagick before 6.9.9-5 and 7.x before 7.0.6-5 allows remote attackers to cause a denial of service (memory leak) via a crafted file, related to the WriteMSLImage function.(CVE-2017-12427)ImageMagick before 6.9.9-24 and 7.x before 7.0.7-12 has a use-after-free in Magick::Image::read in Magick++/lib/Image.cpp.(CVE-2017-17499)An issue was discovered in ImageMagick 6.9.7. A specially crafted xcf file could lead to a NULL pointer dereference.(CVE-2017-6501)The JPEG decoder in ImageMagick before 6.8.9-9 allows local users to cause a denial of service (out-of-bounds memory access and crash).(CVE-2014-8716)coders/dds.c in ImageMagick allows remote attackers to cause a denial of service via a crafted DDS file.(CVE-2014-9907)Buffer overflow in the WriteProfile function in coders/jpeg.c in ImageMagick before 6.9.5-6 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file.(CVE-2016-10052)The ReadGROUP4Image function in coders/tiff.c in ImageMagick does not check the return value of the fwrite function, which allows remote attackers to cause a denial of service (application crash) via a crafted file.(CVE-2016-10062)coders/ipl.c in ImageMagick allows remote attackers to have unspecific impact by leveraging a missing malloc check.(CVE-2016-10144)The SGI coder in ImageMagick before 7.0.2-10 allows remote attackers to cause a denial of service (out-of-bounds read) via a large row value in an sgi file.(CVE-2016-7101)coders/xcf.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted XCF file.(CVE-2016-7529)The AcquireMagickMemory function in MagickCore/memory.c in ImageMagick 7.0.3.3 before 7.0.3.8 allows remote attackers to have unspecified impact via a crafted image, which triggers a memory allocation failure. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-8862.(CVE-2016-8866)The ReadEPTImage function in coders/ept.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1 allows remote attackers to cause a denial of service (memory consumption) via a crafted file.(CVE-2017-11530)In ImageMagick before 6.9.9-3 and 7.x before 7.0.6-3, there is a missing NULL check in the ReadMATImage function in coders/mat.c, leading to a denial of service (assertion failure and application exit) in the DestroyImageInfo function in MagickCore/image.c.(CVE-2017-13658)An issue was discovered in ImageMagick 6.9.7. A specially crafted sun file triggers a heap-based buffer over-read.(CVE-2017-6500)DCM decode in ImageMagick before 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds read).(CVE-2014-8562)coders/tiff.c in ImageMagick allows remote attackers to cause a denial of service (application crash) via vectors related to the 'identification of image.'(CVE-2014-9854)Buffer overflow in the ReadRLEImage function in coders/rle.c in ImageMagick before 6.9.4-4 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted RLE file.(CVE-2016-10049)The ReadGROUP4Image function in coders/tiff.c in ImageMagick before 7.0.1-10 does not check the return value of the fputc function, which allows remote attackers to cause a denial of service (crash) via a crafted image file.(CVE-2016-10061)coders/mat.c in ImageMagick before 6.9.4-0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted mat file.(CVE-2016-10071)Integer overflow in the BMP coder in ImageMagick before 7.0.2-10 allows remote attackers to cause a denial of service (crash) via crafted height and width values, which triggers an out-of-bounds write.(CVE-2016-6823)The ReadVIFFImage function in coders/viff.c in ImageMagick allows remote attackers to cause a denial of service (segmentation fault) via a crafted VIFF file.(CVE-2016-7528)An exploitable out of bounds write exists in the handling of compressed TIFF images in ImageMagicks's convert utility. A crafted TIFF document can lead to an out of bounds write which in particular circumstances could be leveraged into remote code execution. The vulnerability can be triggered through any user controlled TIFF that is handled by this functionality.(CVE-2016-8707)The ReadMATImage function in coders/mat.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1 allows remote attackers to cause a denial of service (memory leak) via a crafted file.(CVE-2017-11529)In ImageMagick before 6.9.8-5 and 7.x before 7.0.5-6, there is a memory leak in the ReadMATImage function in coders/mat.c.(CVE-2017-13146)An issue was discovered in Magick++ in ImageMagick 6.9.7. A specially crafted file creating a nested exception could lead to a memory leak (thus, a DoS).(CVE-2017-6499)PCX parser code in ImageMagick before 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds read).(CVE-2014-8355)Memory leak in coders/rle.c in ImageMagick allows remote attackers to cause a denial of service (memory consumption) via a crafted rle file.(CVE-2014-9853)Memory leak in the NewXMLTree function in magick/xml-tree.c in ImageMagick before 6.9.4-7 allows remote attackers to cause a denial of service (memory consumption) via a crafted XML file.(CVE-2016-10047)The ConcatenateImages function in MagickWand/magick-cli.c in ImageMagick before 7.0.1-10 does not check the return value of the fputc function, which allows remote attackers to cause a denial of service (application crash) via a crafted file.(CVE-2016-10060)Heap-based buffer overflow in the CalcMinMax function in coders/mat.c in ImageMagick before 6.9.4-0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted mat file.(CVE-2016-10070)Buffer overflow in the Get8BIMProperty function in MagickCore/property.c in ImageMagick before 6.9.5-4 and 7.x before 7.0.2-6 allows remote attackers to cause a denial of service (out-of-bounds read, memory leak, and crash) via a crafted image.(CVE-2016-6491)coders/wpg.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted file.(CVE-2016-7526)The AcquireQuantumPixels function in MagickCore/quantum.c in ImageMagick before 7.0.3-1 allows remote attackers to have unspecified impact via a crafted image file, which triggers a memory allocation failure.(CVE-2016-8677)The ReadDIBImage function in coders/dib.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1 allows remote attackers to cause a denial of service (memory leak) via a crafted file.(CVE-2017-11528)In ImageMagick before 6.9.8-8 and 7.x before 7.0.5-9, the ReadJP2Image function in coders/jp2.c does not properly validate the channel geometry, leading to a crash.(CVE-2017-13145)An issue was discovered in ImageMagick 6.9.7. Incorrect TGA files could trigger assertion failures, thus leading to DoS.(CVE-2017-6498)The HorizontalFilter function in resize.c in ImageMagick before 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted image file.(CVE-2014-8354)distribute-cache.c in ImageMagick re-uses objects after they have been destroyed, which allows remote attackers to have unspecified impact via unspecified vectors.(CVE-2014-9852)Heap-based buffer overflow in the DrawImage function in magick/draw.c in ImageMagick before 6.9.5-5 allows remote attackers to cause a denial of service (application crash) via a crafted image file.(CVE-2016-10046)Buffer overflow in coders/tiff.c in ImageMagick before 6.9.4-1 allows remote attackers to cause a denial of service (application crash) or have unspecified other impact via a crafted TIFF file.(CVE-2016-10059)coders/mat.c in ImageMagick before 6.9.4-5 allows remote attackers to cause a denial of service (application crash) via a mat file with an invalid number of frames.(CVE-2016-10069)The DCM reader in ImageMagick before 6.9.4-5 and 7.x before 7.0.1-7 allows remote attackers to have unspecified impact by leveraging lack of validation of (1) pixel.red, (2) pixel.green, and (3) pixel.blue.(CVE-2016-5691)Heap-based buffer overflow in coders/psd.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PSD file.(CVE-2016-7525)magick/attribute.c in ImageMagick 7.0.3-2 allows remote attackers to cause a denial of service (use-after-free) via a crafted file.(CVE-2016-7906)The ReadDPXImage function in coders/dpx.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1 allows remote attackers to cause a denial of service (memory consumption) via a crafted file.(CVE-2017-11527)In ImageMagick before 6.9.7-10, there is a crash (rather than a 'width or height exceeds limit' error report) if the image dimensions are too large, as demonstrated by use of the mpc coder.(CVE-2017-13144)An issue was discovered in ImageMagick 6.9.7. A specially crafted psd file could lead to a NULL pointer dereference (thus, a DoS).(CVE-2017-6497)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-12-10T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP2 : ImageMagick (EulerOS-SA-2019-2354)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-8354", "CVE-2014-8355", "CVE-2014-8562", "CVE-2014-8716", "CVE-2014-9819", "CVE-2014-9821", "CVE-2014-9822", "CVE-2014-9823", "CVE-2014-9824", "CVE-2014-9825", "CVE-2014-9837", "CVE-2014-9852", "CVE-2014-9853", "CVE-2014-9854", "CVE-2014-9907", "CVE-2015-8900", "CVE-2015-8901", "CVE-2015-8902", "CVE-2015-8903", "CVE-2015-8957", "CVE-2015-8958", "CVE-2016-10046", "CVE-2016-10047", "CVE-2016-10049", "CVE-2016-10052", "CVE-2016-10053", "CVE-2016-10054", "CVE-2016-10055", "CVE-2016-10056", "CVE-2016-10057", "CVE-2016-10058", "CVE-2016-10059", "CVE-2016-10060", "CVE-2016-10061", "CVE-2016-10062", "CVE-2016-10063", "CVE-2016-10064", "CVE-2016-10065", "CVE-2016-10066", "CVE-2016-10067", "CVE-2016-10068", "CVE-2016-10069", "CVE-2016-10070", "CVE-2016-10071", "CVE-2016-10144", "CVE-2016-10145", "CVE-2016-10252", "CVE-2016-4562", "CVE-2016-4563", "CVE-2016-4564", "CVE-2016-5687", "CVE-2016-5688", "CVE-2016-5689", "CVE-2016-5690", "CVE-2016-5691", "CVE-2016-6491", "CVE-2016-6823", "CVE-2016-7101", "CVE-2016-7515", "CVE-2016-7516", "CVE-2016-7517", "CVE-2016-7518", "CVE-2016-7519", "CVE-2016-7520", "CVE-2016-7525", "CVE-2016-7526", "CVE-2016-7528", "CVE-2016-7529", "CVE-2016-7530", "CVE-2016-7531", "CVE-2016-7533", "CVE-2016-7534", "CVE-2016-7539", "CVE-2016-7799", "CVE-2016-7906", "CVE-2016-8677", "CVE-2016-8707", "CVE-2016-8862", "CVE-2016-8866", "CVE-2016-9559", "CVE-2017-11478", "CVE-2017-11505", "CVE-2017-11523", "CVE-2017-11524", "CVE-2017-11525", "CVE-2017-11526", "CVE-2017-11527", "CVE-2017-11528", "CVE-2017-11529", "CVE-2017-11530", "CVE-2017-12427", "CVE-2017-13139", "CVE-2017-13140", "CVE-2017-13141", "CVE-2017-13142", "CVE-2017-13143", "CVE-2017-13144", "CVE-2017-13145", "CVE-2017-13146", "CVE-2017-13658", "CVE-2017-17499", "CVE-2017-17504", "CVE-2017-5507", "CVE-2017-5508", "CVE-2017-5509", "CVE-2017-5510", "CVE-2017-6497", "CVE-2017-6498", "CVE-2017-6499", "CVE-2017-6500", "CVE-2017-6501", "CVE-2017-6502", "CVE-2017-7941", "CVE-2017-7942", "CVE-2017-7943", "CVE-2018-16323", "CVE-2018-16328", "CVE-2018-20467", "CVE-2018-6405", "CVE-2019-7175"], "modified": "2021-02-09T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:imagemagick", "p-cpe:/a:huawei:euleros:imagemagick-c%2b%2b", "p-cpe:/a:huawei:euleros:imagemagick-libs", "p-cpe:/a:huawei:euleros:imagemagick-perl", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2019-2354.NASL", "href": "https://www.tenable.com/plugins/nessus/131846", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(131846);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/02/09\");\n\n script_cve_id(\n \"CVE-2014-8354\",\n \"CVE-2014-8355\",\n \"CVE-2014-8562\",\n \"CVE-2014-8716\",\n \"CVE-2014-9821\",\n \"CVE-2014-9822\",\n \"CVE-2014-9823\",\n \"CVE-2014-9824\",\n \"CVE-2014-9825\",\n \"CVE-2014-9837\",\n \"CVE-2014-9852\",\n \"CVE-2014-9853\",\n \"CVE-2014-9854\",\n \"CVE-2014-9907\",\n \"CVE-2015-8900\",\n \"CVE-2015-8901\",\n \"CVE-2015-8902\",\n \"CVE-2015-8903\",\n \"CVE-2015-8957\",\n \"CVE-2015-8958\",\n \"CVE-2016-10046\",\n \"CVE-2016-10047\",\n \"CVE-2016-10049\",\n \"CVE-2016-10052\",\n \"CVE-2016-10053\",\n \"CVE-2016-10054\",\n \"CVE-2016-10055\",\n \"CVE-2016-10056\",\n \"CVE-2016-10057\",\n \"CVE-2016-10058\",\n \"CVE-2016-10059\",\n \"CVE-2016-10060\",\n \"CVE-2016-10061\",\n \"CVE-2016-10062\",\n \"CVE-2016-10063\",\n \"CVE-2016-10064\",\n \"CVE-2016-10065\",\n \"CVE-2016-10066\",\n \"CVE-2016-10067\",\n \"CVE-2016-10068\",\n \"CVE-2016-10069\",\n \"CVE-2016-10070\",\n \"CVE-2016-10071\",\n \"CVE-2016-10144\",\n \"CVE-2016-10145\",\n \"CVE-2016-10252\",\n \"CVE-2016-4562\",\n \"CVE-2016-4563\",\n \"CVE-2016-4564\",\n \"CVE-2016-5687\",\n \"CVE-2016-5688\",\n \"CVE-2016-5689\",\n \"CVE-2016-5690\",\n \"CVE-2016-5691\",\n \"CVE-2016-6491\",\n \"CVE-2016-6823\",\n \"CVE-2016-7101\",\n \"CVE-2016-7515\",\n \"CVE-2016-7516\",\n \"CVE-2016-7517\",\n \"CVE-2016-7518\",\n \"CVE-2016-7519\",\n \"CVE-2016-7520\",\n \"CVE-2016-7525\",\n \"CVE-2016-7526\",\n \"CVE-2016-7528\",\n \"CVE-2016-7529\",\n \"CVE-2016-7530\",\n \"CVE-2016-7531\",\n \"CVE-2016-7533\",\n \"CVE-2016-7534\",\n \"CVE-2016-7539\",\n \"CVE-2016-7799\",\n \"CVE-2016-7906\",\n \"CVE-2016-8677\",\n \"CVE-2016-8707\",\n \"CVE-2016-8866\",\n \"CVE-2016-9559\",\n \"CVE-2017-11478\",\n \"CVE-2017-11505\",\n \"CVE-2017-11523\",\n \"CVE-2017-11524\",\n \"CVE-2017-11525\",\n \"CVE-2017-11526\",\n \"CVE-2017-11527\",\n \"CVE-2017-11528\",\n \"CVE-2017-11529\",\n \"CVE-2017-11530\",\n \"CVE-2017-12427\",\n \"CVE-2017-13139\",\n \"CVE-2017-13140\",\n \"CVE-2017-13141\",\n \"CVE-2017-13142\",\n \"CVE-2017-13143\",\n \"CVE-2017-13144\",\n \"CVE-2017-13145\",\n \"CVE-2017-13146\",\n \"CVE-2017-13658\",\n \"CVE-2017-17499\",\n \"CVE-2017-17504\",\n \"CVE-2017-5507\",\n \"CVE-2017-5508\",\n \"CVE-2017-5509\",\n \"CVE-2017-5510\",\n \"CVE-2017-6497\",\n \"CVE-2017-6498\",\n \"CVE-2017-6499\",\n \"CVE-2017-6500\",\n \"CVE-2017-6501\",\n \"CVE-2017-6502\",\n \"CVE-2017-7941\",\n \"CVE-2017-7942\",\n \"CVE-2017-7943\",\n \"CVE-2018-16323\",\n \"CVE-2018-16328\",\n \"CVE-2018-20467\",\n \"CVE-2018-6405\",\n \"CVE-2019-7175\"\n );\n script_bugtraq_id(\n 70830,\n 70837,\n 70839,\n 70992\n );\n\n script_name(english:\"EulerOS 2.0 SP2 : ImageMagick (EulerOS-SA-2019-2354)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the ImageMagick packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerabilities :\n\n - ImageMagick is an image display and manipulation tool\n for the X Window System. ImageMagick can read and write\n JPEG, TIFF, PNM, GIF,and Photo CD image formats. It can\n resize, rotate, sharpen, color reduce, or add special\n effects to an image, and when finished you can either\n save the completed work in the original format or a\n different one. ImageMagick also includes command line\n programs for creating animated or transparent .gifs,\n creating composite images, creating thumbnail images,\n and more.ImageMagick is one of your choices if you need\n a program to manipulate and display images. If you want\n to develop your own applications which use ImageMagick\n code or APIs, you need to install ImageMagick-devel as\n well.Security Fix(es):In ImageMagick before 7.0.8-25,\n some memory leaks exist in DecodeImage in\n coders/pcd.c.(CVE-2019-7175)ReadXBMImage in\n coders/xbm.c in ImageMagick before 7.0.8-9 leaves data\n uninitialized when processing an XBM file that has a\n negative pixel value. If the affected code is used as a\n library loaded into a process that includes sensitive\n information, that information sometimes can be leaked\n via the image data.(CVE-2018-16323)In ImageMagick\n before 7.0.8-8, a NULL pointer dereference exists in\n the CheckEventLogging function in\n MagickCore/log.c.(CVE-2018-16328)The DrawDashPolygon\n function in MagickCore/draw.c in ImageMagick before\n 6.9.4-0 and 7.x before 7.0.1-2 mishandles calculations\n of certain vertices integer data, which allows remote\n attackers to cause a denial of service (buffer overflow\n and application crash) or possibly have unspecified\n other impact via a crafted file.(CVE-2016-4562)The\n TraceStrokePolygon function in MagickCore/draw.c in\n ImageMagick before 6.9.4-0 and 7.x before 7.0.1-2\n mishandles the relationship between the BezierQuantum\n value and certain strokes data, which allows remote\n attackers to cause a denial of service (buffer overflow\n and application crash) or possibly have unspecified\n other impact via a crafted file.(CVE-2016-4563)The\n DrawImage function in MagickCore/draw.c in ImageMagick\n before 6.9.4-0 and 7.x before 7.0.1-2 makes an\n incorrect function call in attempting to locate the\n next token, which allows remote attackers to cause a\n denial of service (buffer overflow and application\n crash) or possibly have unspecified other impact via a\n crafted file.(CVE-2016-4564 )The ReadCINImage function\n in coders/cin.c in ImageMagick before 6.9.9-0 and 7.x\n before 7.0.6-1 allows remote attackers to cause a\n denial of service (memory consumption) via a crafted\n file.(CVE-2017-11525)In coders/bmp.c in ImageMagick\n before 7.0.8-16, an input file can result in an\n infinite loop and hang, with high CPU and memory\n consumption. Remote attackers could leverage this\n vulnerability to cause a denial of service via a\n crafted file.(CVE-2018-20467)coders/pnm.c in\n ImageMagick 6.9.0-1 Beta and earlier allows remote\n attackers to cause a denial of service (crash) via a\n crafted png file.(CVE-2014-9837)coders/sun.c in\n ImageMagick before 6.9.0-4 Beta allows remote attackers\n to cause a denial of service (out-of-bounds read and\n application crash) via a crafted SUN\n file.(CVE-2015-8958)Memory leak in the ReadPSDLayers\n function in coders/psd.c in ImageMagick before 6.9.6-3\n allows remote attackers to cause a denial of service\n (memory consumption) via a crafted image\n file.(CVE-2016-10058)The MSL interpreter in ImageMagick\n before 6.9.6-4 allows remote attackers to cause a\n denial of service (segmentation fault and application\n crash) via a crafted XML file.(CVE-2016-10068)The\n ReadDCMImage function in DCM reader in ImageMagick\n before 6.9.4-5 and 7.x before 7.0.1-7 allows remote\n attackers to have unspecified impact via vectors\n involving the for statement in computing the pixel\n scaling table.(CVE-2016-5690)Heap-based buffer overflow\n in coders/hdr.c in ImageMagick allows remote attackers\n to cause a denial of service (out-of-bounds read) via a\n crafted HDR file.(CVE-2016-7520)MagickCore/profile.c in\n ImageMagick before 7.0.3-2 allows remote attackers to\n cause a denial of service (out-of-bounds read) via a\n crafted file.(CVE-2016-7799)The ReadOneMNGImage\n function in coders/png.c in ImageMagick before 6.9.9-0\n and 7.x before 7.0.6-1 allows remote attackers to cause\n a denial of service (large loop and CPU consumption)\n via a crafted file.(CVE-2017-11526)In ImageMagick\n before 6.9.7-6 and 7.x before 7.0.4-6, the ReadMATImage\n function in coders/mat.c uses uninitialized data, which\n might allow remote attackers to obtain sensitive\n information from process\n memory.(CVE-2017-13143)coders/psd.c in ImageMagick\n allows remote attackers to have unspecified impact via\n a crafted PSD file, which triggers an out-of-bounds\n write.(CVE-2017-5510)In the ReadDCMImage function in\n coders/dcm.c in ImageMagick before 7.0.7-23, each\n redmap, greenmap, and bluemap variable can be\n overwritten by a new pointer. The previous pointer is\n lost, which leads to a memory leak. This allows remote\n attackers to cause a denial of\n service.(CVE-2018-6405)Heap-based buffer overflow in\n ImageMagick allows remote attackers to have unspecified\n impact via a crafted psd file, a different\n vulnerability than CVE-2014-9824.(CVE-2014-9825)Buffer\n overflow in ImageMagick before 6.9.0-4 Beta allows\n remote attackers to cause a denial of service\n (application crash) via a crafted SUN\n file.(CVE-2015-8957)Buffer overflow in the\n WriteGROUP4Image function in coders/tiff.c in\n ImageMagick before 6.9.5-8 allows remote attackers to\n cause a denial of service (application crash) or have\n other unspecified impact via a crafted\n file.(CVE-2016-10057)magick/memory.c in ImageMagick\n before 6.9.4-5 allows remote attackers to cause a\n denial of service (application crash) via vectors\n involving 'too many exceptions,' which trigger a buffer\n overflow.(CVE-2016-10067)The DCM reader in ImageMagick\n before 6.9.4-5 and 7.x before 7.0.1-7 allows remote\n attackers to have unspecified impact by leveraging lack\n of NULL pointer checks.(CVE-2016-5689)The ReadRLEImage\n function in coders/rle.c in ImageMagick allows remote\n attackers to cause a denial of service (out-of-bounds\n read) via a crafted file.(CVE-2016-7519)Memory leak in\n AcquireVirtualMemory in ImageMagick before 7 allows\n remote attackers to cause a denial of service (memory\n consumption) via unspecified vectors.(CVE-2016-7539)The\n WriteBlob function in MagickCore/blob.c in ImageMagick\n before 6.9.8-10 and 7.x before 7.6.0-0 allows remote\n attackers to cause a denial of service (assertion\n failure and application exit) via a crafted\n file.(CVE-2017-11524)In ImageMagick before 6.9.9-0 and\n 7.x before 7.0.6-1, a crafted PNG file could trigger a\n crash because there was an insufficient check for short\n files.(CVE-2017-13142)coders/psd.c in ImageMagick\n allows remote attackers to have unspecified impact via\n a crafted PSD file, which triggers an out-of-bounds\n write.(CVE-2017-5509)The ReadSVGImage function in svg.c\n in ImageMagick 7.0.5-4 allows remote attackers to\n consume an amount of available memory via a crafted\n file.(CVE-2017-7943)Heap-based buffer overflow in\n ImageMagick allows remote attackers to have unspecified\n impact via a crafted psd file, a different\n vulnerability than CVE-2014-9825.(CVE-2014-9824)The\n ReadVICARImage function in coders/vicar.c in\n ImageMagick 6.x before 6.9.0-5 Beta allows remote\n attackers to cause a denial of service (infinite loop)\n via a crafted VICAR file.(CVE-2015-8903)Buffer overflow\n in the sixel_decode function in coders/sixel.c in\n ImageMagick before 6.9.5-8 allows remote attackers to\n cause a denial of service (application crash) or have\n other unspecified impact via a crafted\n file.(CVE-2016-10056)Buffer overflow in the\n ReadVIFFImage function in coders/viff.c in ImageMagick\n before 6.9.4-5 allows remote attackers to cause a\n denial of service (application crash) via a crafted\n file.(CVE-2016-10066)The WPG parser in ImageMagick\n before 6.9.4-4 and 7.x before 7.0.1-5, when a memory\n limit is set, allows remote attackers to have\n unspecified impact via vectors related to the\n SetImageExtent return-value check, which trigger (1) a\n heap-based buffer overflow in the SetPixelIndex\n function or an invalid write operation in the (2)\n ScaleCharToQuantum or (3) SetPixelIndex\n functions.(CVE-2016-5688)The ReadSUNImage function in\n coders/sun.c in ImageMagick allows remote attackers to\n cause a denial of service (out-of-bounds read) via a\n crafted SUN file.(CVE-2016-7518)The generic decoder in\n ImageMagick allows remote attackers to cause a denial\n of service (out-of-bounds access) via a crafted\n file.(CVE-2016-7534)The ReadTXTImage function in\n coders/txt.c in ImageMagick through 6.9.9-0 and 7.x\n through 7.0.6-1 allows remote attackers to cause a\n denial of service (infinite loop) via a crafted file,\n because the end-of-file condition is not\n considered.(CVE-2017-11523)In ImageMagick before\n 6.9.9-4 and 7.x before 7.0.6-4, a crafted file could\n trigger a memory leak in ReadOnePNGImage in\n coders/png.c.(CVE-2017-13141)Heap-based buffer overflow\n in the PushQuantumPixel function in ImageMagick before\n 6.9.7-3 and 7.x before 7.0.4-3 allows remote attackers\n to cause a denial of service (application crash) via a\n crafted TIFF file.(CVE-2017-5508)The ReadAVSImage\n function in avs.c in ImageMagick 7.0.5-4 allows remote\n attackers to consume an amount of available memory via\n a crafted file.(CVE-2017-7942)Heap-based buffer\n overflow in ImageMagick allows remote attackers to have\n unspecified impact via a crafted palm file, a different\n vulnerability than CVE-2014-9819.(CVE-2014-9823)The\n ReadBlobByte function in coders/pdb.c in ImageMagick\n 6.x before 6.9.0-5 Beta allows remote attackers to\n cause a denial of service (infinite loop) via a crafted\n PDB file.(CVE-2015-8902)Buffer overflow in the\n WritePDBImage function in coders/pdb.c in ImageMagick\n before 6.9.5-8 allows remote attackers to cause a\n denial of service (application crash) or have other\n unspecified impact via a crafted\n file.(CVE-2016-10055)The ReadVIFFImage function in\n coders/viff.c in ImageMagick before 7.0.1-0 allows\n remote attackers to cause a denial of service\n (application crash) or have other unspecified impact\n via a crafted file.(CVE-2016-10065)The VerticalFilter\n function in the DDS coder in ImageMagick before 6.9.4-3\n and 7.x before 7.0.1-4 allows remote attackers to have\n unspecified impact via a crafted DDS file, which\n triggers an out-of-bounds read.(CVE-2016-5687)The\n EncodeImage function in coders/pict.c in ImageMagick\n allows remote attackers to cause a denial of service\n (out-of-bounds read) via a crafted PICT\n file.(CVE-2016-7517)The ReadWPGImage function in\n coders/wpg.c in ImageMagick allows remote attackers to\n cause a denial of service (out-of-bounds read) via a\n crafted WPG file.(CVE-2016-7533)The ReadOneJNGImage\n function in coders/png.c in ImageMagick through 6.9.9-0\n and 7.x through 7.0.6-1 allows remote attackers to\n cause a denial of service (large loop and CPU\n consumption) via a malformed JNG\n file.(CVE-2017-11505)In ImageMagick before 6.9.9-1 and\n 7.x before 7.0.6-2, the ReadOnePNGImage function in\n coders/png.c allows remote attackers to cause a denial\n of service (application hang in LockSemaphoreInfo) via\n a PNG file with a width equal to\n MAGICK_WIDTH_LIMIT.(CVE-2017-13140)Memory leak in\n coders/mpc.c in ImageMagick before 6.9.7-4 and 7.x\n before 7.0.4-4 allows remote attackers to cause a\n denial of service (memory consumption) via vectors\n involving a pixel cache.(CVE-2017-5507)The ReadSGIImage\n function in sgi.c in ImageMagick 7.0.5-4 allows remote\n attackers to consume an amount of available memory via\n a crafted file.(CVE-2017-7941)Heap-based buffer\n overflow in ImageMagick allows remote attackers to have\n unspecified impact via a crafted quantum\n file.(CVE-2014-9822)ImageMagick 6.x before 6.9.0-5 Beta\n allows remote attackers to cause a denial of service\n (infinite loop) via a crafted MIFF\n file.(CVE-2015-8901)Buffer overflow in the\n WriteMAPImage function in coders/map.c in ImageMagick\n before 6.9.5-8 allows remote attackers to cause a\n denial of service (application crash) or have other\n unspecified impact via a crafted\n file.(CVE-2016-10054)Buffer overflow in coders/tiff.c\n in ImageMagick before 6.9.5-1 allows remote attackers\n to cause a denial of service (application crash) or\n have other unspecified impact via a crafted\n file.(CVE-2016-10064)Memory leak in the IsOptionMember\n function in MagickCore/option.c in ImageMagick before\n 6.9.2-2, as used in ODR-PadEnc and other products,\n allows attackers to trigger memory\n consumption.(CVE-2016-10252)The ReadVIFFImage function\n in coders/viff.c in ImageMagick allows remote attackers\n to cause a denial of service (out-of-bounds read) via a\n crafted VIFF file.(CVE-2016-7516)MagickCore/memory.c in\n ImageMagick allows remote attackers to cause a denial\n of service (out-of-bounds write) via a crafted PDB\n file.(CVE-2016-7531)The ReadOneDJVUImage function in\n coders/djvu.c in ImageMagick through 6.9.9-0 and 7.x\n through 7.0.6-1 allows remote attackers to cause a\n denial of service (infinite loop and CPU consumption)\n via a malformed DJVU image.(CVE-2017-11478)In\n ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1, the\n ReadOneMNGImage function in coders/png.c has an\n out-of-bounds read with the MNG CLIP\n chunk.(CVE-2017-13139)ImageMagick before 7.0.7-12 has a\n coders/png.c Magick_png_read_raw_profile heap-based\n buffer over-read via a crafted file, related to\n ReadOneMNGImage.(CVE-2017-17504)An issue was discovered\n in ImageMagick 6.9.7. A specially crafted webp file\n could lead to a file-descriptor leak in libmagickcore\n (thus, a DoS).(CVE-2017-6502)Heap-based buffer overflow\n in ImageMagick allows remote attackers to have\n unspecified impact via a crafted xpm\n file.(CVE-2014-9821)The ReadHDRImage function in\n coders/hdr.c in ImageMagick 6.x and 7.x allows remote\n attackers to cause a denial of service (infinite loop)\n via a crafted HDR file.(CVE-2015-8900)The\n WriteTIFFImage function in coders/tiff.c in ImageMagick\n before 6.9.5-8 allows remote attackers to cause a\n denial of service (divide-by-zero error and application\n crash) via a crafted file.(CVE-2016-10053)Buffer\n overflow in coders/tiff.c in ImageMagick before 6.9.5-1\n allows remote attackers to cause a denial of service\n (application crash) or have other unspecified impact\n via a crafted file, related to extend\n validity.(CVE-2016-10063)Off-by-one error in\n coders/wpg.c in ImageMagick allows remote attackers to\n have unspecified impact via vectors related to a string\n copy.(CVE-2016-10145)The ReadRLEImage function in\n coders/rle.c in ImageMagick allows remote attackers to\n cause a denial of service (out-of-bounds read) via\n vectors related to the number of\n pixels.(CVE-2016-7515)The quantum handling code in\n ImageMagick allows remote attackers to cause a denial\n of service (divide-by-zero error or out-of-bounds\n write) via a crafted file.(CVE-2016-7530)coders/tiff.c\n in ImageMagick before 7.0.3.7 allows remote attackers\n to cause a denial of service (NULL pointer dereference\n and crash) via a crafted image.(CVE-2016-9559)The\n ProcessMSLScript function in coders/msl.c in\n ImageMagick before 6.9.9-5 and 7.x before 7.0.6-5\n allows remote attackers to cause a denial of service\n (memory leak) via a crafted file, related to the\n WriteMSLImage function.(CVE-2017-12427)ImageMagick\n before 6.9.9-24 and 7.x before 7.0.7-12 has a\n use-after-free in Magick::Image::read in\n Magick++/lib/Image.cpp.(CVE-2017-17499)An issue was\n discovered in ImageMagick 6.9.7. A specially crafted\n xcf file could lead to a NULL pointer\n dereference.(CVE-2017-6501)The JPEG decoder in\n ImageMagick before 6.8.9-9 allows local users to cause\n a denial of service (out-of-bounds memory access and\n crash).(CVE-2014-8716)coders/dds.c in ImageMagick\n allows remote attackers to cause a denial of service\n via a crafted DDS file.(CVE-2014-9907)Buffer overflow\n in the WriteProfile function in coders/jpeg.c in\n ImageMagick before 6.9.5-6 allows remote attackers to\n cause a denial of service (application crash) or have\n other unspecified impact via a crafted\n file.(CVE-2016-10052)The ReadGROUP4Image function in\n coders/tiff.c in ImageMagick does not check the return\n value of the fwrite function, which allows remote\n attackers to cause a denial of service (application\n crash) via a crafted file.(CVE-2016-10062)coders/ipl.c\n in ImageMagick allows remote attackers to have\n unspecific impact by leveraging a missing malloc\n check.(CVE-2016-10144)The SGI coder in ImageMagick\n before 7.0.2-10 allows remote attackers to cause a\n denial of service (out-of-bounds read) via a large row\n value in an sgi file.(CVE-2016-7101)coders/xcf.c in\n ImageMagick allows remote attackers to cause a denial\n of service (out-of-bounds read) via a crafted XCF\n file.(CVE-2016-7529)The AcquireMagickMemory function in\n MagickCore/memory.c in ImageMagick 7.0.3.3 before\n 7.0.3.8 allows remote attackers to have unspecified\n impact via a crafted image, which triggers a memory\n allocation failure. NOTE: this vulnerability exists\n because of an incomplete fix for\n CVE-2016-8862.(CVE-2016-8866)The ReadEPTImage function\n in coders/ept.c in ImageMagick before 6.9.9-0 and 7.x\n before 7.0.6-1 allows remote attackers to cause a\n denial of service (memory consumption) via a crafted\n file.(CVE-2017-11530)In ImageMagick before 6.9.9-3 and\n 7.x before 7.0.6-3, there is a missing NULL check in\n the ReadMATImage function in coders/mat.c, leading to a\n denial of service (assertion failure and application\n exit) in the DestroyImageInfo function in\n MagickCore/image.c.(CVE-2017-13658)An issue was\n discovered in ImageMagick 6.9.7. A specially crafted\n sun file triggers a heap-based buffer\n over-read.(CVE-2017-6500)DCM decode in ImageMagick\n before 6.8.9-9 allows remote attackers to cause a\n denial of service (out-of-bounds\n read).(CVE-2014-8562)coders/tiff.c in ImageMagick\n allows remote attackers to cause a denial of service\n (application crash) via vectors related to the\n 'identification of image.'(CVE-2014-9854)Buffer\n overflow in the ReadRLEImage function in coders/rle.c\n in ImageMagick before 6.9.4-4 allows remote attackers\n to cause a denial of service (application crash) or\n have other unspecified impact via a crafted RLE\n file.(CVE-2016-10049)The ReadGROUP4Image function in\n coders/tiff.c in ImageMagick before 7.0.1-10 does not\n check the return value of the fputc function, which\n allows remote attackers to cause a denial of service\n (crash) via a crafted image\n file.(CVE-2016-10061)coders/mat.c in ImageMagick before\n 6.9.4-0 allows remote attackers to cause a denial of\n service (out-of-bounds read and application crash) via\n a crafted mat file.(CVE-2016-10071)Integer overflow in\n the BMP coder in ImageMagick before 7.0.2-10 allows\n remote attackers to cause a denial of service (crash)\n via crafted height and width values, which triggers an\n out-of-bounds write.(CVE-2016-6823)The ReadVIFFImage\n function in coders/viff.c in ImageMagick allows remote\n attackers to cause a denial of service (segmentation\n fault) via a crafted VIFF file.(CVE-2016-7528)An\n exploitable out of bounds write exists in the handling\n of compressed TIFF images in ImageMagicks's convert\n utility. A crafted TIFF document can lead to an out of\n bounds write which in particular circumstances could be\n leveraged into remote code execution. The vulnerability\n can be triggered through any user controlled TIFF that\n is handled by this functionality.(CVE-2016-8707)The\n ReadMATImage function in coders/mat.c in ImageMagick\n before 6.9.9-0 and 7.x before 7.0.6-1 allows remote\n attackers to cause a denial of service (memory leak)\n via a crafted file.(CVE-2017-11529)In ImageMagick\n before 6.9.8-5 and 7.x before 7.0.5-6, there is a\n memory leak in the ReadMATImage function in\n coders/mat.c.(CVE-2017-13146)An issue was discovered in\n Magick++ in ImageMagick 6.9.7. A specially crafted file\n creating a nested exception could lead to a memory leak\n (thus, a DoS).(CVE-2017-6499)PCX parser code in\n ImageMagick before 6.8.9-9 allows remote attackers to\n cause a denial of service (out-of-bounds\n read).(CVE-2014-8355)Memory leak in coders/rle.c in\n ImageMagick allows remote attackers to cause a denial\n of service (memory consumption) via a crafted rle\n file.(CVE-2014-9853)Memory leak in the NewXMLTree\n function in magick/xml-tree.c in ImageMagick before\n 6.9.4-7 allows remote attackers to cause a denial of\n service (memory consumption) via a crafted XML\n file.(CVE-2016-10047)The ConcatenateImages function in\n MagickWand/magick-cli.c in ImageMagick before 7.0.1-10\n does not check the return value of the fputc function,\n which allows remote attackers to cause a denial of\n service (application crash) via a crafted\n file.(CVE-2016-10060)Heap-based buffer overflow in the\n CalcMinMax function in coders/mat.c in ImageMagick\n before 6.9.4-0 allows remote attackers to cause a\n denial of service (out-of-bounds read and application\n crash) via a crafted mat file.(CVE-2016-10070)Buffer\n overflow in the Get8BIMProperty function in\n MagickCore/property.c in ImageMagick before 6.9.5-4 and\n 7.x before 7.0.2-6 allows remote attackers to cause a\n denial of service (out-of-bounds read, memory leak, and\n crash) via a crafted image.(CVE-2016-6491)coders/wpg.c\n in ImageMagick allows remote attackers to cause a\n denial of service (out-of-bounds write) via a crafted\n file.(CVE-2016-7526)The AcquireQuantumPixels function\n in MagickCore/quantum.c in ImageMagick before 7.0.3-1\n allows remote attackers to have unspecified impact via\n a crafted image file, which triggers a memory\n allocation failure.(CVE-2016-8677)The ReadDIBImage\n function in coders/dib.c in ImageMagick before 6.9.9-0\n and 7.x before 7.0.6-1 allows remote attackers to cause\n a denial of service (memory leak) via a crafted\n file.(CVE-2017-11528)In ImageMagick before 6.9.8-8 and\n 7.x before 7.0.5-9, the ReadJP2Image function in\n coders/jp2.c does not properly validate the channel\n geometry, leading to a crash.(CVE-2017-13145)An issue\n was discovered in ImageMagick 6.9.7. Incorrect TGA\n files could trigger assertion failures, thus leading to\n DoS.(CVE-2017-6498)The HorizontalFilter function in\n resize.c in ImageMagick before 6.8.9-9 allows remote\n attackers to cause a denial of service (out-of-bounds\n read) via a crafted image\n file.(CVE-2014-8354)distribute-cache.c in ImageMagick\n re-uses objects after they have been destroyed, which\n allows remote attackers to have unspecified impact via\n unspecified vectors.(CVE-2014-9852)Heap-based buffer\n overflow in the DrawImage function in magick/draw.c in\n ImageMagick before 6.9.5-5 allows remote attackers to\n cause a denial of service (application crash) via a\n crafted image file.(CVE-2016-10046)Buffer overflow in\n coders/tiff.c in ImageMagick before 6.9.4-1 allows\n remote attackers to cause a denial of service\n (application crash) or have unspecified other impact\n via a crafted TIFF file.(CVE-2016-10059)coders/mat.c in\n ImageMagick before 6.9.4-5 allows remote attackers to\n cause a denial of service (application crash) via a mat\n file with an invalid number of\n frames.(CVE-2016-10069)The DCM reader in ImageMagick\n before 6.9.4-5 and 7.x before 7.0.1-7 allows remote\n attackers to have unspecified impact by leveraging lack\n of validation of (1) pixel.red, (2) pixel.green, and\n (3) pixel.blue.(CVE-2016-5691)Heap-based buffer\n overflow in coders/psd.c in ImageMagick allows remote\n attackers to cause a denial of service (out-of-bounds\n read) via a crafted PSD\n file.(CVE-2016-7525)magick/attribute.c in ImageMagick\n 7.0.3-2 allows remote attackers to cause a denial of\n service (use-after-free) via a crafted\n file.(CVE-2016-7906)The ReadDPXImage function in\n coders/dpx.c in ImageMagick before 6.9.9-0 and 7.x\n before 7.0.6-1 allows remote attackers to cause a\n denial of service (memory consumption) via a crafted\n file.(CVE-2017-11527)In ImageMagick before 6.9.7-10,\n there is a crash (rather than a 'width or height\n exceeds limit' error report) if the image dimensions\n are too large, as demonstrated by use of the mpc\n coder.(CVE-2017-13144)An issue was discovered in\n ImageMagick 6.9.7. A specially crafted psd file could\n lead to a NULL pointer dereference (thus, a\n DoS).(CVE-2017-6497)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2354\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?1aef7cdc\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected ImageMagick packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-16328\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/12/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/12/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ImageMagick\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ImageMagick-c++\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ImageMagick-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ImageMagick-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(2)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP2\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP2\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"ImageMagick-6.9.9.38-1.h4\",\n \"ImageMagick-c++-6.9.9.38-1.h4\",\n \"ImageMagick-libs-6.9.9.38-1.h4\",\n \"ImageMagick-perl-6.9.9.38-1.h4\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"2\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ImageMagick\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:29:32", "description": "This update for ImageMagick fixes the following issues: These vulnerabilities could be triggered by processing specially crafted image files, which could lead to a process crash or resource consumtion, or potentially have unspecified futher impact.\n\n - CVE-2016-8684: Mismatch between real filesize and header values (bsc#1005123)\n\n - CVE-2016-8683: Check that filesize is reasonable compared to the header value (bsc#1005127)\n\n - CVE-2016-8682: Stack-buffer read overflow while reading SCT header (bsc#1005125)\n\n - CVE-2016-8677: Memory allocation failure in AcquireQuantumPixels (bsc#1005328)\n\n - CVE-2016-7996, CVE-2016-7997: WPG Reader Issues (bsc#1003629)\n\n - CVE-2016-7800: 8BIM/8BIMW unsigned underflow leads to heap overflow (bsc#1002422)\n\n - CVE-2016-7799: mogrify global buffer overflow (bsc#1002421)\n\n - CVE-2016-7540: writing to RGF format aborts (bsc#1000394)\n\n - CVE-2016-7539: Potential DOS by not releasing memory (bsc#1000715)\n\n - CVE-2016-7538: SIGABRT for corrupted pdb file (bsc#1000712)\n\n - CVE-2016-7537: Out of bound access for corrupted pdb file (bsc#1000711)\n\n - CVE-2016-7535: Out of bound access for corrupted psd file (bsc#1000709)\n\n - CVE-2016-7534: Out of bound access in generic decoder (bsc#1000708)\n\n - CVE-2016-7533: Wpg file out of bound for corrupted file (bsc#1000707)\n\n - CVE-2016-7532: fix handling of corrupted psd file (bsc#1000706)\n\n - CVE-2016-7531: Pbd file out of bound access (bsc#1000704)\n\n - CVE-2016-7530: Out of bound in quantum handling (bsc#1000703)\n\n - CVE-2016-7529: Out-of-bound in quantum handling (bsc#1000399)\n\n - CVE-2016-7528: Out-of-bound access in xcf file coder (bsc#1000434)\n\n - CVE-2016-7527: Out-of-bound access in wpg file coder:\n (bsc#1000436)\n\n - CVE-2016-7526: out-of-bounds write in ./MagickCore/pixel-accessor.h (bsc#1000702)\n\n - CVE-2016-7525: Heap buffer overflow in psd file coder (bsc#1000701)\n\n - CVE-2016-7524: AddressSanitizer:heap-buffer-overflow READ of size 1 in meta.c:465 (bsc#1000700)\n\n - CVE-2016-7523: AddressSanitizer:heap-buffer-overflow READ of size 1 meta.c:496 (bsc#1000699)\n\n - CVE-2016-7522: Out of bound access for malformed psd file (bsc#1000698)\n\n - CVE-2016-7521: Heap buffer overflow in psd file handling (bsc#1000697)\n\n - CVE-2016-7520: Heap overflow in hdr file handling (bsc#1000696)\n\n - CVE-2016-7519: Out-of-bounds read in coders/rle.c (bsc#1000695)\n\n - CVE-2016-7518: Out-of-bounds read in coders/sun.c (bsc#1000694)\n\n - CVE-2016-7517: Out-of-bounds read in coders/pict.c (bsc#1000693)\n\n - CVE-2016-7516: Out-of-bounds problem in rle, pict, viff and sun files (bsc#1000692)\n\n - CVE-2016-7515: Rle file handling for corrupted file (bsc#1000689)\n\n - CVE-2016-7514: Out-of-bounds read in coders/psd.c (bsc#1000688)\n\n - CVE-2016-7513: Off-by-one error leading to segfault (bsc#1000686)\n\n - CVE-2016-7101: raphicsMagick: SGI Coder Out-Of-Bounds Read Vulnerability (bsc#1001221)\n\n - CVE-2016-6823: raphicsMagick: BMP Coder Out-Of-Bounds Write Vulnerability (bsc#1001066)\n\n - CVE-2015-8959: dOS due to corrupted DDS files (bsc#1000713)\n\n - CVE-2015-8958: Potential DOS in sun file handling due to malformed files (bsc#1000691)\n\n - CVE-2015-8957: Buffer overflow in sun file handling (bsc#1000690)\n\n - CVE-2014-9907: DOS due to corrupted DDS files (bsc#1000714)\n\n - Buffer overflows in SIXEL, PDB, MAP, and TIFF coders (bsc#1002209)\n\n - Divide by zero in WriteTIFFImage (bsc#1002206)\n\nThis update was imported from the SUSE:SLE-12:Update update project.", "cvss3": {}, "published": "2016-11-14T00:00:00", "type": "nessus", "title": "openSUSE Security Update : ImageMagick (openSUSE-2016-1282)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-9907", "CVE-2015-8957", "CVE-2015-8958", "CVE-2015-8959", "CVE-2016-6823", "CVE-2016-7101", "CVE-2016-7513", "CVE-2016-7514", "CVE-2016-7515", "CVE-2016-7516", "CVE-2016-7517", "CVE-2016-7518", "CVE-2016-7519", "CVE-2016-7520", "CVE-2016-7521", "CVE-2016-7522", "CVE-2016-7523", "CVE-2016-7524", "CVE-2016-7525", "CVE-2016-7526", "CVE-2016-7527", "CVE-2016-7528", "CVE-2016-7529", "CVE-2016-7530", "CVE-2016-7531", "CVE-2016-7532", "CVE-2016-7533", "CVE-2016-7534", "CVE-2016-7535", "CVE-2016-7537", "CVE-2016-7538", "CVE-2016-7539", "CVE-2016-7540", "CVE-2016-7799", "CVE-2016-7800", "CVE-2016-7996", "CVE-2016-7997", "CVE-2016-8677", "CVE-2016-8682", "CVE-2016-8683", "CVE-2016-8684"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:imagemagick", "p-cpe:/a:novell:opensuse:imagemagick-debuginfo", "p-cpe:/a:novell:opensuse:imagemagick-debugsource", "p-cpe:/a:novell:opensuse:imagemagick-devel", "p-cpe:/a:novell:opensuse:imagemagick-devel-32bit", "p-cpe:/a:novell:opensuse:imagemagick-extra", "p-cpe:/a:novell:opensuse:imagemagick-extra-debuginfo", "p-cpe:/a:novell:opensuse:libmagick%2b%2b-6_q16-3", "p-cpe:/a:novell:opensuse:libmagick%2b%2b-6_q16-3-32bit", "p-cpe:/a:novell:opensuse:libmagick%2b%2b-6_q16-3-debuginfo", "p-cpe:/a:novell:opensuse:libmagick%2b%2b-6_q16-3-debuginfo-32bit", "p-cpe:/a:novell:opensuse:libmagick%2b%2b-devel", "p-cpe:/a:novell:opensuse:libmagick%2b%2b-devel-32bit", "p-cpe:/a:novell:opensuse:libmagickcore-6_q16-1", "p-cpe:/a:novell:opensuse:libmagickcore-6_q16-1-32bit", "p-cpe:/a:novell:opensuse:libmagickcore-6_q16-1-debuginfo", "p-cpe:/a:novell:opensuse:libmagickcore-6_q16-1-debuginfo-32bit", "p-cpe:/a:novell:opensuse:libmagickwand-6_q16-1", "p-cpe:/a:novell:opensuse:libmagickwand-6_q16-1-32bit", "p-cpe:/a:novell:opensuse:libmagickwand-6_q16-1-debuginfo", "p-cpe:/a:novell:opensuse:libmagickwand-6_q16-1-debuginfo-32bit", "p-cpe:/a:novell:opensuse:perl-perlmagick", "p-cpe:/a:novell:opensuse:perl-perlmagick-debuginfo", "cpe:/o:novell:opensuse:42.1"], "id": "OPENSUSE-2016-1282.NASL", "href": "https://www.tenable.com/plugins/nessus/94754", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2016-1282.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(94754);\n script_version(\"2.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2014-9907\", \"CVE-2015-8957\", \"CVE-2015-8958\", \"CVE-2015-8959\", \"CVE-2016-6823\", \"CVE-2016-7101\", \"CVE-2016-7513\", \"CVE-2016-7514\", \"CVE-2016-7515\", \"CVE-2016-7516\", \"CVE-2016-7517\", \"CVE-2016-7518\", \"CVE-2016-7519\", \"CVE-2016-7520\", \"CVE-2016-7521\", \"CVE-2016-7522\", \"CVE-2016-7523\", \"CVE-2016-7524\", \"CVE-2016-7525\", \"CVE-2016-7526\", \"CVE-2016-7527\", \"CVE-2016-7528\", \"CVE-2016-7529\", \"CVE-2016-7530\", \"CVE-2016-7531\", \"CVE-2016-7532\", \"CVE-2016-7533\", \"CVE-2016-7534\", \"CVE-2016-7535\", \"CVE-2016-7537\", \"CVE-2016-7538\", \"CVE-2016-7539\", \"CVE-2016-7540\", \"CVE-2016-7799\", \"CVE-2016-7800\", \"CVE-2016-7996\", \"CVE-2016-7997\", \"CVE-2016-8677\", \"CVE-2016-8682\", \"CVE-2016-8683\", \"CVE-2016-8684\");\n\n script_name(english:\"openSUSE Security Update : ImageMagick (openSUSE-2016-1282)\");\n script_summary(english:\"Check for the openSUSE-2016-1282 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for ImageMagick fixes the following issues: These\nvulnerabilities could be triggered by processing specially crafted\nimage files, which could lead to a process crash or resource\nconsumtion, or potentially have unspecified futher impact.\n\n - CVE-2016-8684: Mismatch between real filesize and header\n values (bsc#1005123)\n\n - CVE-2016-8683: Check that filesize is reasonable\n compared to the header value (bsc#1005127)\n\n - CVE-2016-8682: Stack-buffer read overflow while reading\n SCT header (bsc#1005125)\n\n - CVE-2016-8677: Memory allocation failure in\n AcquireQuantumPixels (bsc#1005328)\n\n - CVE-2016-7996, CVE-2016-7997: WPG Reader Issues\n (bsc#1003629)\n\n - CVE-2016-7800: 8BIM/8BIMW unsigned underflow leads to\n heap overflow (bsc#1002422)\n\n - CVE-2016-7799: mogrify global buffer overflow\n (bsc#1002421)\n\n - CVE-2016-7540: writing to RGF format aborts\n (bsc#1000394)\n\n - CVE-2016-7539: Potential DOS by not releasing memory\n (bsc#1000715)\n\n - CVE-2016-7538: SIGABRT for corrupted pdb file\n (bsc#1000712)\n\n - CVE-2016-7537: Out of bound access for corrupted pdb\n file (bsc#1000711)\n\n - CVE-2016-7535: Out of bound access for corrupted psd\n file (bsc#1000709)\n\n - CVE-2016-7534: Out of bound access in generic decoder\n (bsc#1000708)\n\n - CVE-2016-7533: Wpg file out of bound for corrupted file\n (bsc#1000707)\n\n - CVE-2016-7532: fix handling of corrupted psd file\n (bsc#1000706)\n\n - CVE-2016-7531: Pbd file out of bound access\n (bsc#1000704)\n\n - CVE-2016-7530: Out of bound in quantum handling\n (bsc#1000703)\n\n - CVE-2016-7529: Out-of-bound in quantum handling\n (bsc#1000399)\n\n - CVE-2016-7528: Out-of-bound access in xcf file coder\n (bsc#1000434)\n\n - CVE-2016-7527: Out-of-bound access in wpg file coder:\n (bsc#1000436)\n\n - CVE-2016-7526: out-of-bounds write in\n ./MagickCore/pixel-accessor.h (bsc#1000702)\n\n - CVE-2016-7525: Heap buffer overflow in psd file coder\n (bsc#1000701)\n\n - CVE-2016-7524: AddressSanitizer:heap-buffer-overflow\n READ of size 1 in meta.c:465 (bsc#1000700)\n\n - CVE-2016-7523: AddressSanitizer:heap-buffer-overflow\n READ of size 1 meta.c:496 (bsc#1000699)\n\n - CVE-2016-7522: Out of bound access for malformed psd\n file (bsc#1000698)\n\n - CVE-2016-7521: Heap buffer overflow in psd file handling\n (bsc#1000697)\n\n - CVE-2016-7520: Heap overflow in hdr file handling\n (bsc#1000696)\n\n - CVE-2016-7519: Out-of-bounds read in coders/rle.c\n (bsc#1000695)\n\n - CVE-2016-7518: Out-of-bounds read in coders/sun.c\n (bsc#1000694)\n\n - CVE-2016-7517: Out-of-bounds read in coders/pict.c\n (bsc#1000693)\n\n - CVE-2016-7516: Out-of-bounds problem in rle, pict, viff\n and sun files (bsc#1000692)\n\n - CVE-2016-7515: Rle file handling for corrupted file\n (bsc#1000689)\n\n - CVE-2016-7514: Out-of-bounds read in coders/psd.c\n (bsc#1000688)\n\n - CVE-2016-7513: Off-by-one error leading to segfault\n (bsc#1000686)\n\n - CVE-2016-7101: raphicsMagick: SGI Coder Out-Of-Bounds\n Read Vulnerability (bsc#1001221)\n\n - CVE-2016-6823: raphicsMagick: BMP Coder Out-Of-Bounds\n Write Vulnerability (bsc#1001066)\n\n - CVE-2015-8959: dOS due to corrupted DDS files\n (bsc#1000713)\n\n - CVE-2015-8958: Potential DOS in sun file handling due to\n malformed files (bsc#1000691)\n\n - CVE-2015-8957: Buffer overflow in sun file handling\n (bsc#1000690)\n\n - CVE-2014-9907: DOS due to corrupted DDS files\n (bsc#1000714)\n\n - Buffer overflows in SIXEL, PDB, MAP, and TIFF coders\n (bsc#1002209)\n\n - Divide by zero in WriteTIFFImage (bsc#1002206)\n\nThis update was imported from the SUSE:SLE-12:Update update project.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000394\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000399\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000434\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000436\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000686\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000688\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000689\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000690\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000691\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000692\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000693\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000694\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000695\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000696\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000697\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000698\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000699\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000700\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000701\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000702\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000703\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000704\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000706\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000707\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000708\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000709\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000711\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000712\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000713\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000714\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000715\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1001066\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1001221\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1002206\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1002209\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1002421\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1002422\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1003629\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1005123\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1005125\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1005127\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1005328\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected ImageMagick packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ImageMagick\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ImageMagick-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ImageMagick-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ImageMagick-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ImageMagick-devel-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ImageMagick-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ImageMagick-extra-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libMagick++-6_Q16-3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libMagick++-6_Q16-3-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libMagick++-6_Q16-3-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libMagick++-6_Q16-3-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libMagick++-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libMagick++-devel-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libMagickCore-6_Q16-1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libMagickCore-6_Q16-1-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libMagickCore-6_Q16-1-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libMagickCore-6_Q16-1-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libMagickWand-6_Q16-1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libMagickWand-6_Q16-1-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libMagickWand-6_Q16-1-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libMagickWand-6_Q16-1-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:perl-PerlMagick\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:perl-PerlMagick-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:42.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/11/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/11/14\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE42\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"42.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE42.1\", reference:\"ImageMagick-6.8.8.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"ImageMagick-debuginfo-6.8.8.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"ImageMagick-debugsource-6.8.8.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"ImageMagick-devel-6.8.8.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"ImageMagick-extra-6.8.8.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"ImageMagick-extra-debuginfo-6.8.8.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libMagick++-6_Q16-3-6.8.8.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libMagick++-6_Q16-3-debuginfo-6.8.8.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libMagick++-devel-6.8.8.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libMagickCore-6_Q16-1-6.8.8.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libMagickCore-6_Q16-1-debuginfo-6.8.8.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libMagickWand-6_Q16-1-6.8.8.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libMagickWand-6_Q16-1-debuginfo-6.8.8.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"perl-PerlMagick-6.8.8.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"perl-PerlMagick-debuginfo-6.8.8.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"ImageMagick-devel-32bit-6.8.8.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"libMagick++-6_Q16-3-32bit-6.8.8.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"libMagick++-6_Q16-3-debuginfo-32bit-6.8.8.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"libMagick++-devel-32bit-6.8.8.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"libMagickCore-6_Q16-1-32bit-6.8.8.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"libMagickCore-6_Q16-1-debuginfo-32bit-6.8.8.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"libMagickWand-6_Q16-1-32bit-6.8.8.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"libMagickWand-6_Q16-1-debuginfo-32bit-6.8.8.1-21.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ImageMagick / ImageMagick-debuginfo / ImageMagick-debugsource / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:28:53", "description": "This update for ImageMagick fixes the following issues: These vulnerabilities could be triggered by processing specially crafted image files, which could lead to a process crash or resource consumtion, or potentially have unspecified futher impact.\n\n - CVE-2016-8684: Mismatch between real filesize and header values (bsc#1005123)\n\n - CVE-2016-8683: Check that filesize is reasonable compared to the header value (bsc#1005127)\n\n - CVE-2016-8682: Stack-buffer read overflow while reading SCT header (bsc#1005125)\n\n - CVE-2016-8677: Memory allocation failure in AcquireQuantumPixels (bsc#1005328)\n\n - CVE-2016-7996, CVE-2016-7997: WPG Reader Issues (bsc#1003629)\n\n - CVE-2016-7800: 8BIM/8BIMW unsigned underflow leads to heap overflow (bsc#1002422)\n\n - CVE-2016-7799: mogrify global buffer overflow (bsc#1002421)\n\n - CVE-2016-7540: writing to RGF format aborts (bsc#1000394)\n\n - CVE-2016-7539: Potential DOS by not releasing memory (bsc#1000715)\n\n - CVE-2016-7538: SIGABRT for corrupted pdb file (bsc#1000712)\n\n - CVE-2016-7537: Out of bound access for corrupted pdb file (bsc#1000711)\n\n - CVE-2016-7535: Out of bound access for corrupted psd file (bsc#1000709)\n\n - CVE-2016-7534: Out of bound access in generic decoder (bsc#1000708)\n\n - CVE-2016-7533: Wpg file out of bound for corrupted file (bsc#1000707)\n\n - CVE-2016-7532: fix handling of corrupted psd file (bsc#1000706)\n\n - CVE-2016-7531: Pbd file out of bound access (bsc#1000704)\n\n - CVE-2016-7530: Out of bound in quantum handling (bsc#1000703)\n\n - CVE-2016-7529: Out-of-bound in quantum handling (bsc#1000399)\n\n - CVE-2016-7528: Out-of-bound access in xcf file coder (bsc#1000434)\n\n - CVE-2016-7527: Out-of-bound access in wpg file coder:\n (bsc#1000436)\n\n - CVE-2016-7526: out-of-bounds write in ./MagickCore/pixel-accessor.h (bsc#1000702)\n\n - CVE-2016-7525: Heap buffer overflow in psd file coder (bsc#1000701)\n\n - CVE-2016-7524: AddressSanitizer:heap-buffer-overflow READ of size 1 in meta.c:465 (bsc#1000700)\n\n - CVE-2016-7523: AddressSanitizer:heap-buffer-overflow READ of size 1 meta.c:496 (bsc#1000699)\n\n - CVE-2016-7522: Out of bound access for malformed psd file (bsc#1000698)\n\n - CVE-2016-7521: Heap buffer overflow in psd file handling (bsc#1000697)\n\n - CVE-2016-7520: Heap overflow in hdr file handling (bsc#1000696)\n\n - CVE-2016-7519: Out-of-bounds read in coders/rle.c (bsc#1000695)\n\n - CVE-2016-7518: Out-of-bounds read in coders/sun.c (bsc#1000694)\n\n - CVE-2016-7517: Out-of-bounds read in coders/pict.c (bsc#1000693)\n\n - CVE-2016-7516: Out-of-bounds problem in rle, pict, viff and sun files (bsc#1000692)\n\n - CVE-2016-7515: Rle file handling for corrupted file (bsc#1000689)\n\n - CVE-2016-7514: Out-of-bounds read in coders/psd.c (bsc#1000688)\n\n - CVE-2016-7513: Off-by-one error leading to segfault (bsc#1000686)\n\n - CVE-2016-7101: raphicsMagick: SGI Coder Out-Of-Bounds Read Vulnerability (bsc#1001221)\n\n - CVE-2016-6823: raphicsMagick: BMP Coder Out-Of-Bounds Write Vulnerability (bsc#1001066)\n\n - CVE-2015-8959: dOS due to corrupted DDS files (bsc#1000713)\n\n - CVE-2015-8958: Potential DOS in sun file handling due to malformed files (bsc#1000691)\n\n - CVE-2015-8957: Buffer overflow in sun file handling (bsc#1000690)\n\n - CVE-2014-9907: DOS due to corrupted DDS files (bsc#1000714)\n\n - Buffer overflows in SIXEL, PDB, MAP, and TIFF coders (bsc#1002209)\n\n - Divide by zero in WriteTIFFImage (bsc#1002206)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2016-10-31T00:00:00", "type": "nessus", "title": "SUSE SLED12 / SLES12 Security Update : ImageMagick (SUSE-SU-2016:2667-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-9907", "CVE-2015-8957", "CVE-2015-8958", "CVE-2015-8959", "CVE-2016-6823", "CVE-2016-7101", "CVE-2016-7513", "CVE-2016-7514", "CVE-2016-7515", "CVE-2016-7516", "CVE-2016-7517", "CVE-2016-7518", "CVE-2016-7519", "CVE-2016-7520", "CVE-2016-7521", "CVE-2016-7522", "CVE-2016-7523", "CVE-2016-7524", "CVE-2016-7525", "CVE-2016-7526", "CVE-2016-7527", "CVE-2016-7528", "CVE-2016-7529", "CVE-2016-7530", "CVE-2016-7531", "CVE-2016-7532", "CVE-2016-7533", "CVE-2016-7534", "CVE-2016-7535", "CVE-2016-7537", "CVE-2016-7538", "CVE-2016-7539", "CVE-2016-7540", "CVE-2016-7799", "CVE-2016-7800", "CVE-2016-7996", "CVE-2016-7997", "CVE-2016-8677", "CVE-2016-8682", "CVE-2016-8683", "CVE-2016-8684"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:imagemagick", "p-cpe:/a:novell:suse_linux:imagemagick-debuginfo", "p-cpe:/a:novell:suse_linux:imagemagick-debugsource", "p-cpe:/a:novell:suse_linux:libmagick%2b%2b-6_q16", "p-cpe:/a:novell:suse_linux:libmagick%2b%2b-6_q16-3-debuginfo", "p-cpe:/a:novell:suse_linux:libmagickcore-6_q16", "p-cpe:/a:novell:suse_linux:libmagickcore-6_q16-1", "p-cpe:/a:novell:suse_linux:libmagickcore-6_q16-1-debuginfo", "p-cpe:/a:novell:suse_linux:libmagickwand-6_q16", "p-cpe:/a:novell:suse_linux:libmagickwand-6_q16-1-debuginfo", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2016-2667-1.NASL", "href": "https://www.tenable.com/plugins/nessus/94433", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2016:2667-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(94433);\n script_version(\"2.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2014-9907\", \"CVE-2015-8957\", \"CVE-2015-8958\", \"CVE-2015-8959\", \"CVE-2016-6823\", \"CVE-2016-7101\", \"CVE-2016-7513\", \"CVE-2016-7514\", \"CVE-2016-7515\", \"CVE-2016-7516\", \"CVE-2016-7517\", \"CVE-2016-7518\", \"CVE-2016-7519\", \"CVE-2016-7520\", \"CVE-2016-7521\", \"CVE-2016-7522\", \"CVE-2016-7523\", \"CVE-2016-7524\", \"CVE-2016-7525\", \"CVE-2016-7526\", \"CVE-2016-7527\", \"CVE-2016-7528\", \"CVE-2016-7529\", \"CVE-2016-7530\", \"CVE-2016-7531\", \"CVE-2016-7532\", \"CVE-2016-7533\", \"CVE-2016-7534\", \"CVE-2016-7535\", \"CVE-2016-7537\", \"CVE-2016-7538\", \"CVE-2016-7539\", \"CVE-2016-7540\", \"CVE-2016-7799\", \"CVE-2016-7800\", \"CVE-2016-7996\", \"CVE-2016-7997\", \"CVE-2016-8677\", \"CVE-2016-8682\", \"CVE-2016-8683\", \"CVE-2016-8684\");\n\n script_name(english:\"SUSE SLED12 / SLES12 Security Update : ImageMagick (SUSE-SU-2016:2667-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for ImageMagick fixes the following issues: These\nvulnerabilities could be triggered by processing specially crafted\nimage files, which could lead to a process crash or resource\nconsumtion, or potentially have unspecified futher impact.\n\n - CVE-2016-8684: Mismatch between real filesize and header\n values (bsc#1005123)\n\n - CVE-2016-8683: Check that filesize is reasonable\n compared to the header value (bsc#1005127)\n\n - CVE-2016-8682: Stack-buffer read overflow while reading\n SCT header (bsc#1005125)\n\n - CVE-2016-8677: Memory allocation failure in\n AcquireQuantumPixels (bsc#1005328)\n\n - CVE-2016-7996, CVE-2016-7997: WPG Reader Issues\n (bsc#1003629)\n\n - CVE-2016-7800: 8BIM/8BIMW unsigned underflow leads to\n heap overflow (bsc#1002422)\n\n - CVE-2016-7799: mogrify global buffer overflow\n (bsc#1002421)\n\n - CVE-2016-7540: writing to RGF format aborts\n (bsc#1000394)\n\n - CVE-2016-7539: Potential DOS by not releasing memory\n (bsc#1000715)\n\n - CVE-2016-7538: SIGABRT for corrupted pdb file\n (bsc#1000712)\n\n - CVE-2016-7537: Out of bound access for corrupted pdb\n file (bsc#1000711)\n\n - CVE-2016-7535: Out of bound access for corrupted psd\n file (bsc#1000709)\n\n - CVE-2016-7534: Out of bound access in generic decoder\n (bsc#1000708)\n\n - CVE-2016-7533: Wpg file out of bound for corrupted file\n (bsc#1000707)\n\n - CVE-2016-7532: fix handling of corrupted psd file\n (bsc#1000706)\n\n - CVE-2016-7531: Pbd file out of bound access\n (bsc#1000704)\n\n - CVE-2016-7530: Out of bound in quantum handling\n (bsc#1000703)\n\n - CVE-2016-7529: Out-of-bound in quantum handling\n (bsc#1000399)\n\n - CVE-2016-7528: Out-of-bound access in xcf file coder\n (bsc#1000434)\n\n - CVE-2016-7527: Out-of-bound access in wpg file coder:\n (bsc#1000436)\n\n - CVE-2016-7526: out-of-bounds write in\n ./MagickCore/pixel-accessor.h (bsc#1000702)\n\n - CVE-2016-7525: Heap buffer overflow in psd file coder\n (bsc#1000701)\n\n - CVE-2016-7524: AddressSanitizer:heap-buffer-overflow\n READ of size 1 in meta.c:465 (bsc#1000700)\n\n - CVE-2016-7523: AddressSanitizer:heap-buffer-overflow\n READ of size 1 meta.c:496 (bsc#1000699)\n\n - CVE-2016-7522: Out of bound access for malformed psd\n file (bsc#1000698)\n\n - CVE-2016-7521: Heap buffer overflow in psd file handling\n (bsc#1000697)\n\n - CVE-2016-7520: Heap overflow in hdr file handling\n (bsc#1000696)\n\n - CVE-2016-7519: Out-of-bounds read in coders/rle.c\n (bsc#1000695)\n\n - CVE-2016-7518: Out-of-bounds read in coders/sun.c\n (bsc#1000694)\n\n - CVE-2016-7517: Out-of-bounds read in coders/pict.c\n (bsc#1000693)\n\n - CVE-2016-7516: Out-of-bounds problem in rle, pict, viff\n and sun files (bsc#1000692)\n\n - CVE-2016-7515: Rle file handling for corrupted file\n (bsc#1000689)\n\n - CVE-2016-7514: Out-of-bounds read in coders/psd.c\n (bsc#1000688)\n\n - CVE-2016-7513: Off-by-one error leading to segfault\n (bsc#1000686)\n\n - CVE-2016-7101: raphicsMagick: SGI Coder Out-Of-Bounds\n Read Vulnerability (bsc#1001221)\n\n - CVE-2016-6823: raphicsMagick: BMP Coder Out-Of-Bounds\n Write Vulnerability (bsc#1001066)\n\n - CVE-2015-8959: dOS due to corrupted DDS files\n (bsc#1000713)\n\n - CVE-2015-8958: Potential DOS in sun file handling due to\n malformed files (bsc#1000691)\n\n - CVE-2015-8957: Buffer overflow in sun file handling\n (bsc#1000690)\n\n - CVE-2014-9907: DOS due to corrupted DDS files\n (bsc#1000714)\n\n - Buffer overflows in SIXEL, PDB, MAP, and TIFF coders\n (bsc#1002209)\n\n - Divide by zero in WriteTIFFImage (bsc#1002206)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1000394\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1000399\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1000434\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1000436\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1000686\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1000688\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1000689\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1000690\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1000691\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1000692\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1000693\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1000694\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1000695\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1000696\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1000697\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1000698\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1000699\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1000700\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1000701\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1000702\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1000703\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1000704\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1000706\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1000707\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1000708\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1000709\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1000711\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1000712\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1000713\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1000714\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1000715\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1001066\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1001221\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1002206\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1002209\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1002421\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1002422\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1003629\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1005123\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1005125\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1005127\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1005328\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2014-9907/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8957/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8958/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8959/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-6823/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-7101/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-7513/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-7514/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-7515/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-7516/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-7517/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-7518/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-7519/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-7520/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-7521/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-7522/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-7523/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-7524/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-7525/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-7526/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-7527/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-7528/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-7529/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-7530/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-7531/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-7532/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-7533/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-7534/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-7535/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-7537/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-7538/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-7539/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-7540/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-7799/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-7800/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-7996/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-7997/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-8677/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-8682/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-8683/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-8684/\"\n );\n # https://www.suse.com/support/update/announcement/2016/suse-su-20162667-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?1aea0f46\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Workstation Extension 12-SP1:zypper in -t patch\nSUSE-SLE-WE-12-SP1-2016-1572=1\n\nSUSE Linux Enterprise Software Development Kit 12-SP1:zypper in -t\npatch SUSE-SLE-SDK-12-SP1-2016-1572=1\n\nSUSE Linux Enterprise Server 12-SP1:zypper in -t patch\nSUSE-SLE-SERVER-12-SP1-2016-1572=1\n\nSUSE Linux Enterprise Desktop 12-SP1:zypper in -t patch\nSUSE-SLE-DESKTOP-12-SP1-2016-1572=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ImageMagick\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ImageMagick-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ImageMagick-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libMagick++-6_Q16\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libMagick++-6_Q16-3-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libMagickCore-6_Q16\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libMagickCore-6_Q16-1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libMagickCore-6_Q16-1-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libMagickWand-6_Q16\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libMagickWand-6_Q16-1-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/01/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/10/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/10/31\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED12|SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED12 / SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP1\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED12\" && (! preg(pattern:\"^(1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED12 SP1\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"ImageMagick-debuginfo-6.8.8.1-40.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"ImageMagick-debugsource-6.8.8.1-40.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libMagickCore-6_Q16-1-6.8.8.1-40.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libMagickCore-6_Q16-1-debuginfo-6.8.8.1-40.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libMagickWand-6_Q16-1-6.8.8.1-40.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libMagickWand-6_Q16-1-debuginfo-6.8.8.1-40.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"ImageMagick-6.8.8.1-40.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"ImageMagick-debuginfo-6.8.8.1-40.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"ImageMagick-debugsource-6.8.8.1-40.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"libMagick++-6_Q16-3-6.8.8.1-40.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"libMagick++-6_Q16-3-debuginfo-6.8.8.1-40.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"libMagickCore-6_Q16-1-32bit-6.8.8.1-40.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"libMagickCore-6_Q16-1-6.8.8.1-40.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"libMagickCore-6_Q16-1-debuginfo-32bit-6.8.8.1-40.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"libMagickCore-6_Q16-1-debuginfo-6.8.8.1-40.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"libMagickWand-6_Q16-1-6.8.8.1-40.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"libMagickWand-6_Q16-1-debuginfo-6.8.8.1-40.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ImageMagick\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:28:22", "description": "This update for ImageMagick fixes the following issues :\n\n - CVE-2016-8684: Mismatch between real filesize and header values (bsc#1005123)\n\n - CVE-2016-8683: Check that filesize is reasonable compared to the header value (bsc#1005127)\n\n - CVE-2016-8682: Stack-buffer read overflow while reading SCT header (bsc#1005125)\n\n - CVE-2016-8677: Memory allocation failure in AcquireQuantumPixels (bsc#1005328)\n\n - CVE-2016-7996, CVE-2016-7997: WPG Reader Issues (bsc#1003629)\n\n - CVE-2016-7800: 8BIM/8BIMW unsigned underflow leads to heap overflow (bsc#1002422)\n\n - CVE-2016-7799: Mogrify global buffer overflow (bsc#1002421)\n\n - CVE-2016-7540: Writing to RGF format aborts (bsc#1000394)\n\n - CVE-2016-7539: Potential DOS by not releasing memory (bsc#1000715)\n\n - CVE-2016-7538: SIGABRT for corrupted pdb file (bsc#1000712)\n\n - CVE-2016-7537: Out of bound access for corrupted pdb file (bsc#1000711)\n\n - CVE-2016-7536: SEGV reported in corrupted profile handling (bsc#1000710)\n\n - CVE-2016-7535: Out of bound access for corrupted psd file (bsc#1000709)\n\n - CVE-2016-7534: Out of bound access in generic decoder (bsc#1000708)\n\n - CVE-2016-7533: Wpg file out of bound for corrupted file (bsc#1000707)\n\n - CVE-2016-7532: Fix handling of corrupted psd file (bsc#1000706)\n\n - CVE-2016-7531: Pbd file out of bound access (bsc#1000704)\n\n - CVE-2016-7530: Out of bound in quantum handling (bsc#1000703)\n\n - CVE-2016-7529: Out of bound in quantum handling (bsc#1000399)\n\n - CVE-2016-7528: Out of bound access in xcf file coder (bsc#1000434)\n\n - CVE-2016-7527: Out of bound access in wpg file coder:\n (bsc#1000436)\n\n - CVE-2016-7525: Heap buffer overflow in psd file coder (bsc#1000701)\n\n - CVE-2016-7524: AddressSanitizer:heap-buffer-overflow READ of size 1 in meta.c:465 (bsc#1000700)\n\n - CVE-2016-7523: AddressSanitizer:heap-buffer-overflow READ of size 1 meta.c:496 (bsc#1000699)\n\n - CVE-2016-7522: Out of bound access for malformed psd file (bsc#1000698)\n\n - CVE-2016-7521: Heap buffer overflow in psd file handling (bsc#1000697)\n\n - CVE-2016-7520: Heap overflow in hdr file handling (bsc#1000696)\n\n - CVE-2016-7519: Out-of-bounds read in coders/rle.c (bsc#1000695)\n\n - CVE-2016-7518: Out-of-bounds read in coders/sun.c (bsc#1000694)\n\n - CVE-2016-7517: Out-of-bounds read in coders/pict.c (bsc#1000693)\n\n - CVE-2016-7516: Out of bounds problem in rle, pict, viff and sun files (bsc#1000692)\n\n - CVE-2016-7515: Rle file handling for corrupted file (bsc#1000689)\n\n - CVE-2016-7514: Out-of-bounds read in coders/psd.c (bsc#1000688)\n\n - CVE-2016-7513: Off-by-one error leading to segfault (bsc#1000686)\n\n - CVE-2016-7101: SGI Coder Out-Of-Bounds Read Vulnerability (bsc#1001221)\n\n - CVE-2016-6823: BMP Coder Out-Of-Bounds Write Vulnerability (bsc#1001066)\n\n - CVE-2015-8959: DOS due to corrupted DDS files (bsc#1000713)\n\n - CVE-2015-8958: Potential DOS in sun file handling due to malformed files (bsc#1000691)\n\n - CVE-2015-8957: Buffer overflow in sun file handling (bsc#1000690)\n\n - CVE-2014-9907: DOS due to corrupted DDS files (bsc#1000714)\n\n - Divide by zero in WriteTIFFImage (bsc#1002206)\n\n - Buffer overflows in SIXEL, PDB, MAP, and TIFF coders (bsc#1002209)", "cvss3": {}, "published": "2016-10-31T00:00:00", "type": "nessus", "title": "openSUSE Security Update : ImageMagick (openSUSE-2016-1242)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-9907", "CVE-2015-8957", "CVE-2015-8958", "CVE-2015-8959", "CVE-2016-6823", "CVE-2016-7101", "CVE-2016-7513", "CVE-2016-7514", "CVE-2016-7515", "CVE-2016-7516", "CVE-2016-7517", "CVE-2016-7518", "CVE-2016-7519", "CVE-2016-7520", "CVE-2016-7521", "CVE-2016-7522", "CVE-2016-7523", "CVE-2016-7524", "CVE-2016-7525", "CVE-2016-7527", "CVE-2016-7528", "CVE-2016-7529", "CVE-2016-7530", "CVE-2016-7531", "CVE-2016-7532", "CVE-2016-7533", "CVE-2016-7534", "CVE-2016-7535", "CVE-2016-7536", "CVE-2016-7537", "CVE-2016-7538", "CVE-2016-7539", "CVE-2016-7540", "CVE-2016-7799", "CVE-2016-7800", "CVE-2016-7996", "CVE-2016-7997", "CVE-2016-8677", "CVE-2016-8682", "CVE-2016-8683", "CVE-2016-8684"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:imagemagick", "p-cpe:/a:novell:opensuse:imagemagick-debuginfo", "p-cpe:/a:novell:opensuse:imagemagick-debugsource", "p-cpe:/a:novell:opensuse:imagemagick-devel", "p-cpe:/a:novell:opensuse:imagemagick-devel-32bit", "p-cpe:/a:novell:opensuse:imagemagick-extra", "p-cpe:/a:novell:opensuse:imagemagick-extra-debuginfo", "p-cpe:/a:novell:opensuse:libmagick%2b%2b-6_q16-5", "p-cpe:/a:novell:opensuse:libmagick%2b%2b-6_q16-5-32bit", "p-cpe:/a:novell:opensuse:libmagick%2b%2b-6_q16-5-debuginfo", "p-cpe:/a:novell:opensuse:libmagick%2b%2b-6_q16-5-debuginfo-32bit", "p-cpe:/a:novell:opensuse:libmagick%2b%2b-devel", "p-cpe:/a:novell:opensuse:libmagick%2b%2b-devel-32bit", "p-cpe:/a:novell:opensuse:libmagickcore-6_q16-2", "p-cpe:/a:novell:opensuse:libmagickcore-6_q16-2-32bit", "p-cpe:/a:novell:opensuse:libmagickcore-6_q16-2-debuginfo", "p-cpe:/a:novell:opensuse:libmagickcore-6_q16-2-debuginfo-32bit", "p-cpe:/a:novell:opensuse:libmagickwand-6_q16-2", "p-cpe:/a:novell:opensuse:libmagickwand-6_q16-2-32bit", "p-cpe:/a:novell:opensuse:libmagickwand-6_q16-2-debuginfo", "p-cpe:/a:novell:opensuse:libmagickwand-6_q16-2-debuginfo-32bit", "p-cpe:/a:novell:opensuse:perl-perlmagick", "p-cpe:/a:novell:opensuse:perl-perlmagick-debuginfo", "cpe:/o:novell:opensuse:13.2"], "id": "OPENSUSE-2016-1242.NASL", "href": "https://www.tenable.com/plugins/nessus/94425", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2016-1242.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(94425);\n script_version(\"2.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2014-9907\", \"CVE-2015-8957\", \"CVE-2015-8958\", \"CVE-2015-8959\", \"CVE-2016-6823\", \"CVE-2016-7101\", \"CVE-2016-7513\", \"CVE-2016-7514\", \"CVE-2016-7515\", \"CVE-2016-7516\", \"CVE-2016-7517\", \"CVE-2016-7518\", \"CVE-2016-7519\", \"CVE-2016-7520\", \"CVE-2016-7521\", \"CVE-2016-7522\", \"CVE-2016-7523\", \"CVE-2016-7524\", \"CVE-2016-7525\", \"CVE-2016-7527\", \"CVE-2016-7528\", \"CVE-2016-7529\", \"CVE-2016-7530\", \"CVE-2016-7531\", \"CVE-2016-7532\", \"CVE-2016-7533\", \"CVE-2016-7534\", \"CVE-2016-7535\", \"CVE-2016-7536\", \"CVE-2016-7537\", \"CVE-2016-7538\", \"CVE-2016-7539\", \"CVE-2016-7540\", \"CVE-2016-7799\", \"CVE-2016-7800\", \"CVE-2016-7996\", \"CVE-2016-7997\", \"CVE-2016-8677\", \"CVE-2016-8682\", \"CVE-2016-8683\", \"CVE-2016-8684\");\n\n script_name(english:\"openSUSE Security Update : ImageMagick (openSUSE-2016-1242)\");\n script_summary(english:\"Check for the openSUSE-2016-1242 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for ImageMagick fixes the following issues :\n\n - CVE-2016-8684: Mismatch between real filesize and header\n values (bsc#1005123)\n\n - CVE-2016-8683: Check that filesize is reasonable\n compared to the header value (bsc#1005127)\n\n - CVE-2016-8682: Stack-buffer read overflow while reading\n SCT header (bsc#1005125)\n\n - CVE-2016-8677: Memory allocation failure in\n AcquireQuantumPixels (bsc#1005328)\n\n - CVE-2016-7996, CVE-2016-7997: WPG Reader Issues\n (bsc#1003629)\n\n - CVE-2016-7800: 8BIM/8BIMW unsigned underflow leads to\n heap overflow (bsc#1002422)\n\n - CVE-2016-7799: Mogrify global buffer overflow\n (bsc#1002421)\n\n - CVE-2016-7540: Writing to RGF format aborts\n (bsc#1000394)\n\n - CVE-2016-7539: Potential DOS by not releasing memory\n (bsc#1000715)\n\n - CVE-2016-7538: SIGABRT for corrupted pdb file\n (bsc#1000712)\n\n - CVE-2016-7537: Out of bound access for corrupted pdb\n file (bsc#1000711)\n\n - CVE-2016-7536: SEGV reported in corrupted profile\n handling (bsc#1000710)\n\n - CVE-2016-7535: Out of bound access for corrupted psd\n file (bsc#1000709)\n\n - CVE-2016-7534: Out of bound access in generic decoder\n (bsc#1000708)\n\n - CVE-2016-7533: Wpg file out of bound for corrupted file\n (bsc#1000707)\n\n - CVE-2016-7532: Fix handling of corrupted psd file\n (bsc#1000706)\n\n - CVE-2016-7531: Pbd file out of bound access\n (bsc#1000704)\n\n - CVE-2016-7530: Out of bound in quantum handling\n (bsc#1000703)\n\n - CVE-2016-7529: Out of bound in quantum handling\n (bsc#1000399)\n\n - CVE-2016-7528: Out of bound access in xcf file coder\n (bsc#1000434)\n\n - CVE-2016-7527: Out of bound access in wpg file coder:\n (bsc#1000436)\n\n - CVE-2016-7525: Heap buffer overflow in psd file coder\n (bsc#1000701)\n\n - CVE-2016-7524: AddressSanitizer:heap-buffer-overflow\n READ of size 1 in meta.c:465 (bsc#1000700)\n\n - CVE-2016-7523: AddressSanitizer:heap-buffer-overflow\n READ of size 1 meta.c:496 (bsc#1000699)\n\n - CVE-2016-7522: Out of bound access for malformed psd\n file (bsc#1000698)\n\n - CVE-2016-7521: Heap buffer overflow in psd file handling\n (bsc#1000697)\n\n - CVE-2016-7520: Heap overflow in hdr file handling\n (bsc#1000696)\n\n - CVE-2016-7519: Out-of-bounds read in coders/rle.c\n (bsc#1000695)\n\n - CVE-2016-7518: Out-of-bounds read in coders/sun.c\n (bsc#1000694)\n\n - CVE-2016-7517: Out-of-bounds read in coders/pict.c\n (bsc#1000693)\n\n - CVE-2016-7516: Out of bounds problem in rle, pict, viff\n and sun files (bsc#1000692)\n\n - CVE-2016-7515: Rle file handling for corrupted file\n (bsc#1000689)\n\n - CVE-2016-7514: Out-of-bounds read in coders/psd.c\n (bsc#1000688)\n\n - CVE-2016-7513: Off-by-one error leading to segfault\n (bsc#1000686)\n\n - CVE-2016-7101: SGI Coder Out-Of-Bounds Read\n Vulnerability (bsc#1001221)\n\n - CVE-2016-6823: BMP Coder Out-Of-Bounds Write\n Vulnerability (bsc#1001066)\n\n - CVE-2015-8959: DOS due to corrupted DDS files\n (bsc#1000713)\n\n - CVE-2015-8958: Potential DOS in sun file handling due to\n malformed files (bsc#1000691)\n\n - CVE-2015-8957: Buffer overflow in sun file handling\n (bsc#1000690)\n\n - CVE-2014-9907: DOS due to corrupted DDS files\n (bsc#1000714)\n\n - Divide by zero in WriteTIFFImage (bsc#1002206)\n\n - Buffer overflows in SIXEL, PDB, MAP, and TIFF coders\n (bsc#1002209)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000394\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000399\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000434\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000436\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000686\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000688\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000689\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000690\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000691\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000692\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000693\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000694\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000695\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000696\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000697\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000698\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000699\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000700\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000701\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000703\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000704\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000706\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000707\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000708\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000709\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000710\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000711\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000712\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000713\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000714\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000715\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1001066\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1001221\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1002206\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1002209\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1002421\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1002422\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1003629\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1005123\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1005125\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1005127\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1005328\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected ImageMagick packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ImageMagick\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ImageMagick-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ImageMagick-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ImageMagick-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ImageMagick-devel-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ImageMagick-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ImageMagick-extra-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libMagick++-6_Q16-5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libMagick++-6_Q16-5-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libMagick++-6_Q16-5-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libMagick++-6_Q16-5-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libMagick++-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libMagick++-devel-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libMagickCore-6_Q16-2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libMagickCore-6_Q16-2-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libMagickCore-6_Q16-2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libMagickCore-6_Q16-2-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libMagickWand-6_Q16-2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libMagickWand-6_Q16-2-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libMagickWand-6_Q16-2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libMagickWand-6_Q16-2-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:perl-PerlMagick\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:perl-PerlMagick-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:13.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/10/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/10/31\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE13\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"13.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE13.2\", reference:\"ImageMagick-6.8.9.8-34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"ImageMagick-debuginfo-6.8.9.8-34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"ImageMagick-debugsource-6.8.9.8-34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"ImageMagick-devel-6.8.9.8-34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"ImageMagick-extra-6.8.9.8-34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"ImageMagick-extra-debuginfo-6.8.9.8-34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libMagick++-6_Q16-5-6.8.9.8-34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libMagick++-6_Q16-5-debuginfo-6.8.9.8-34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libMagick++-devel-6.8.9.8-34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libMagickCore-6_Q16-2-6.8.9.8-34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libMagickCore-6_Q16-2-debuginfo-6.8.9.8-34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libMagickWand-6_Q16-2-6.8.9.8-34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libMagickWand-6_Q16-2-debuginfo-6.8.9.8-34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"perl-PerlMagick-6.8.9.8-34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"perl-PerlMagick-debuginfo-6.8.9.8-34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"ImageMagick-devel-32bit-6.8.9.8-34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"libMagick++-6_Q16-5-32bit-6.8.9.8-34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"libMagick++-6_Q16-5-debuginfo-32bit-6.8.9.8-34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"libMagick++-devel-32bit-6.8.9.8-34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"libMagickCore-6_Q16-2-32bit-6.8.9.8-34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"libMagickCore-6_Q16-2-debuginfo-32bit-6.8.9.8-34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"libMagickWand-6_Q16-2-32bit-6.8.9.8-34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"libMagickWand-6_Q16-2-debuginfo-32bit-6.8.9.8-34.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ImageMagick / ImageMagick-debuginfo / ImageMagick-debugsource / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}], "openvas": [{"lastseen": "2019-05-29T18:34:28", "description": "This update fixes several vulnerabilities in imagemagick: Various\nmemory handling problems and cases of missing or incomplete input\nsanitising may result in denial of service or the execution of arbitrary\ncode if malformed TIFF, WPG, IPL, MPC or PSB files are processed.", "cvss3": {}, "published": "2017-03-01T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 3799-1 (imagemagick - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-8707", "CVE-2017-5506", "CVE-2016-10144", "CVE-2016-10062", "CVE-2016-10145", "CVE-2016-10146", "CVE-2017-5508", "CVE-2017-5510", "CVE-2017-5511", "CVE-2017-5507"], "modified": "2019-03-18T00:00:00", "id": "OPENVAS:1361412562310703799", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310703799", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3799.nasl 14280 2019-03-18 14:50:45Z cfischer $\n# Auto-generated from advisory DSA 3799-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2017 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.703799\");\n script_version(\"$Revision: 14280 $\");\n script_cve_id(\"CVE-2016-10062\", \"CVE-2016-10144\", \"CVE-2016-10145\", \"CVE-2016-10146\", \"CVE-2016-8707\", \"CVE-2017-5506\", \"CVE-2017-5507\", \"CVE-2017-5508\", \"CVE-2017-5510\", \"CVE-2017-5511\");\n script_name(\"Debian Security Advisory DSA 3799-1 (imagemagick - security update)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:50:45 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2017-03-01 00:00:00 +0100 (Wed, 01 Mar 2017)\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"http://www.debian.org/security/2017/dsa-3799.html\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2017 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB(9|8)\");\n script_tag(name:\"affected\", value:\"imagemagick on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the stable distribution (jessie), these problems have been fixed in\nversion 8:6.8.9.9-5+deb8u7.\n\nFor the testing distribution (stretch), these problems have been fixed\nin version 8:6.9.7.4+dfsg-1.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 8:6.9.7.4+dfsg-1.\n\nWe recommend that you upgrade your imagemagick packages.\");\n script_tag(name:\"summary\", value:\"This update fixes several vulnerabilities in imagemagick: Various\nmemory handling problems and cases of missing or incomplete input\nsanitising may result in denial of service or the execution of arbitrary\ncode if malformed TIFF, WPG, IPL, MPC or PSB files are processed.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"imagemagick\", ver:\"8:6.9.7.4+dfsg-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"imagemagick-6-common\", ver:\"8:6.9.7.4+dfsg-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"imagemagick-6-doc\", ver:\"8:6.9.7.4+dfsg-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"imagemagick-6.q16\", ver:\"8:6.9.7.4+dfsg-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"imagemagick-6.q16hdri\", ver:\"8:6.9.7.4+dfsg-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"imagemagick-common\", ver:\"8:6.9.7.4+dfsg-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"imagemagick-doc\", ver:\"8:6.9.7.4+dfsg-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libimage-magick-perl\", ver:\"8:6.9.7.4+dfsg-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libimage-magick-q16-perl\", ver:\"8:6.9.7.4+dfsg-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libimage-magick-q16hdri-perl\", ver:\"8:6.9.7.4+dfsg-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libmagick++-6-headers\", ver:\"8:6.9.7.4+dfsg-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libmagick++-6.q16-7\", ver:\"8:6.9.7.4+dfsg-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libmagick++-6.q16-dev\", ver:\"8:6.9.7.4+dfsg-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libmagick++-6.q16hdri-7\", ver:\"8:6.9.7.4+dfsg-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libmagick++-6.q16hdri-dev\", ver:\"8:6.9.7.4+dfsg-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libmagick++-dev\", ver:\"8:6.9.7.4+dfsg-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libmagickcore-6-arch-config\", ver:\"8:6.9.7.4+dfsg-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libmagickcore-6-headers\", ver:\"8:6.9.7.4+dfsg-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libmagickcore-6.q16-3\", ver:\"8:6.9.7.4+dfsg-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libmagickcore-6.q16-3-extra\", ver:\"8:6.9.7.4+dfsg-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libmagickcore-6.q16-dev\", ver:\"8:6.9.7.4+dfsg-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libmagickcore-6.q16hdri-3\", ver:\"8:6.9.7.4+dfsg-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libmagickcore-6.q16hdri-3-extra\", ver:\"8:6.9.7.4+dfsg-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libmagickcore-6.q16hdri-dev\", ver:\"8:6.9.7.4+dfsg-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libmagickcore-dev\", ver:\"8:6.9.7.4+dfsg-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libmagickwand-6-headers\", ver:\"8:6.9.7.4+dfsg-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libmagickwand-6.q16-3\", ver:\"8:6.9.7.4+dfsg-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libmagickwand-6.q16-dev\", ver:\"8:6.9.7.4+dfsg-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libmagickwand-6.q16hdri-3\", ver:\"8:6.9.7.4+dfsg-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libmagickwand-6.q16hdri-dev\", ver:\"8:6.9.7.4+dfsg-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libmagickwand-dev\", ver:\"8:6.9.7.4+dfsg-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"perlmagick\", ver:\"8:6.9.7.4+dfsg-1\", rls:\"DEB9\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"imagemagick\", ver:\"8:6.8.9.9-5+deb8u7\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"imagemagick-6.q16\", ver:\"8:6.8.9.9-5+deb8u7\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"imagemagick-common\", ver:\"8:6.8.9.9-5+deb8u7\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"imagemagick-dbg\", ver:\"8:6.8.9.9-5+deb8u7\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"imagemagick-doc\", ver:\"8:6.8.9.9-5+deb8u7\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libimage-magick-perl\", ver:\"8:6.8.9.9-5+deb8u7\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libimage-magick-q16-perl\", ver:\"8:6.8.9.9-5+deb8u7\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libmagick++-6-headers\", ver:\"8:6.8.9.9-5+deb8u7\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libmagick++-6.q16-5\", ver:\"8:6.8.9.9-5+deb8u7\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libmagick++-6.q16-dev\", ver:\"8:6.8.9.9-5+deb8u7\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libmagick++-dev\", ver:\"8:6.8.9.9-5+deb8u7\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libmagickcore-6-arch-config\", ver:\"8:6.8.9.9-5+deb8u7\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libmagickcore-6-headers\", ver:\"8:6.8.9.9-5+deb8u7\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libmagickcore-6.q16-2\", ver:\"8:6.8.9.9-5+deb8u7\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libmagickcore-6.q16-2-extra\", ver:\"8:6.8.9.9-5+deb8u7\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libmagickcore-6.q16-dev\", ver:\"8:6.8.9.9-5+deb8u7\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libmagickcore-dev\", ver:\"8:6.8.9.9-5+deb8u7\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libmagickwand-6-headers\", ver:\"8:6.8.9.9-5+deb8u7\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libmagickwand-6.q16-2\", ver:\"8:6.8.9.9-5+deb8u7\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libmagickwand-6.q16-dev\", ver:\"8:6.8.9.9-5+deb8u7\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libmagickwand-dev\", ver:\"8:6.8.9.9-5+deb8u7\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"perlmagick\", ver:\"8:6.8.9.9-5+deb8u7\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2017-07-24T12:57:26", "description": "This update fixes several vulnerabilities in imagemagick: Various\nmemory handling problems and cases of missing or incomplete input\nsanitising may result in denial of service or the execution of arbitrary\ncode if malformed TIFF, WPG, IPL, MPC or PSB files are processed.", "cvss3": {}, "published": "2017-03-01T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 3799-1 (imagemagick - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-8707", "CVE-2017-5506", "CVE-2016-10144", "CVE-2016-10062", "CVE-2016-10145", "CVE-2016-10146", "CVE-2017-5508", "CVE-2017-5510", "CVE-2017-5511", "CVE-2017-5507"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:703799", "href": "http://plugins.openvas.org/nasl.php?oid=703799", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3799.nasl 6607 2017-07-07 12:04:25Z cfischer $\n# Auto-generated from advisory DSA 3799-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2017 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\n\nif(description)\n{\n script_id(703799);\n script_version(\"$Revision: 6607 $\");\n script_cve_id(\"CVE-2016-10062\", \"CVE-2016-10144\", \"CVE-2016-10145\", \"CVE-2016-10146\", \"CVE-2016-8707\", \"CVE-2017-5506\", \"CVE-2017-5507\", \"CVE-2017-5508\", \"CVE-2017-5510\", \"CVE-2017-5511\");\n script_name(\"Debian Security Advisory DSA 3799-1 (imagemagick - security update)\");\n script_tag(name: \"last_modification\", value: \"$Date: 2017-07-07 14:04:25 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name: \"creation_date\", value: \"2017-03-01 00:00:00 +0100 (Wed, 01 Mar 2017)\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name: \"solution_type\", value: \"VendorFix\");\n script_tag(name: \"qod_type\", value: \"package\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2017/dsa-3799.html\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2017 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: \"imagemagick on Debian Linux\");\n script_tag(name: \"insight\", value: \"ImageMagick is a software suite to create, edit, and compose bitmap images.\nIt can read, convert and write images in a variety of formats (over 100)\nincluding DPX, EXR, GIF, JPEG, JPEG-2000, PDF, PhotoCD, PNG, Postscript,\nSVG, and TIFF. Use ImageMagick to translate, flip, mirror, rotate, scale,\nshear and transform images, adjust image colors, apply various special\neffects, or draw text, lines, polygons, ellipses and B\u00e9zier curves.\nAll manipulations can be achieved through shell commands as well as through\nan X11 graphical interface (display).\");\n script_tag(name: \"solution\", value: \"For the stable distribution (jessie), these problems have been fixed in\nversion 8:6.8.9.9-5+deb8u7.\n\nFor the testing distribution (stretch), these problems have been fixed\nin version 8:6.9.7.4+dfsg-1.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 8:6.9.7.4+dfsg-1.\n\nWe recommend that you upgrade your imagemagick packages.\");\n script_tag(name: \"summary\", value: \"This update fixes several vulnerabilities in imagemagick: Various\nmemory handling problems and cases of missing or incomplete input\nsanitising may result in denial of service or the execution of arbitrary\ncode if malformed TIFF, WPG, IPL, MPC or PSB files are processed.\");\n script_tag(name: \"vuldetect\", value: \"This check tests the installed software version using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"imagemagick\", ver:\"8:6.9.7.4+dfsg-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"imagemagick-6-common\", ver:\"8:6.9.7.4+dfsg-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"imagemagick-6-doc\", ver:\"8:6.9.7.4+dfsg-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"imagemagick-6.q16\", ver:\"8:6.9.7.4+dfsg-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"imagemagick-6.q16hdri\", ver:\"8:6.9.7.4+dfsg-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"imagemagick-common\", ver:\"8:6.9.7.4+dfsg-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"imagemagick-doc\", ver:\"8:6.9.7.4+dfsg-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libimage-magick-perl\", ver:\"8:6.9.7.4+dfsg-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libimage-magick-q16-perl\", ver:\"8:6.9.7.4+dfsg-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libimage-magick-q16hdri-perl\", ver:\"8:6.9.7.4+dfsg-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libmagick++-6-headers\", ver:\"8:6.9.7.4+dfsg-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libmagick++-6.q16-7\", ver:\"8:6.9.7.4+dfsg-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libmagick++-6.q16-dev\", ver:\"8:6.9.7.4+dfsg-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libmagick++-6.q16hdri-7\", ver:\"8:6.9.7.4+dfsg-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libmagick++-6.q16hdri-dev\", ver:\"8:6.9.7.4+dfsg-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libmagick++-dev\", ver:\"8:6.9.7.4+dfsg-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libmagickcore-6-arch-config\", ver:\"8:6.9.7.4+dfsg-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libmagickcore-6-headers\", ver:\"8:6.9.7.4+dfsg-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libmagickcore-6.q16-3\", ver:\"8:6.9.7.4+dfsg-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libmagickcore-6.q16-3-extra\", ver:\"8:6.9.7.4+dfsg-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libmagickcore-6.q16-dev\", ver:\"8:6.9.7.4+dfsg-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libmagickcore-6.q16hdri-3\", ver:\"8:6.9.7.4+dfsg-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libmagickcore-6.q16hdri-3-extra\", ver:\"8:6.9.7.4+dfsg-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libmagickcore-6.q16hdri-dev\", ver:\"8:6.9.7.4+dfsg-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libmagickcore-dev\", ver:\"8:6.9.7.4+dfsg-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libmagickwand-6-headers\", ver:\"8:6.9.7.4+dfsg-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libmagickwand-6.q16-3\", ver:\"8:6.9.7.4+dfsg-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libmagickwand-6.q16-dev\", ver:\"8:6.9.7.4+dfsg-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libmagickwand-6.q16hdri-3\", ver:\"8:6.9.7.4+dfsg-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libmagickwand-6.q16hdri-dev\", ver:\"8:6.9.7.4+dfsg-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libmagickwand-dev\", ver:\"8:6.9.7.4+dfsg-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"perlmagick\", ver:\"8:6.9.7.4+dfsg-1\", rls_regex:\"DEB9.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"imagemagick\", ver:\"8:6.8.9.9-5+deb8u7\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"imagemagick-6.q16\", ver:\"8:6.8.9.9-5+deb8u7\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"imagemagick-common\", ver:\"8:6.8.9.9-5+deb8u7\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"imagemagick-dbg\", ver:\"8:6.8.9.9-5+deb8u7\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"imagemagick-doc\", ver:\"8:6.8.9.9-5+deb8u7\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libimage-magick-perl\", ver:\"8:6.8.9.9-5+deb8u7\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libimage-magick-q16-perl\", ver:\"8:6.8.9.9-5+deb8u7\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libmagick++-6-headers\", ver:\"8:6.8.9.9-5+deb8u7\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libmagick++-6.q16-5\", ver:\"8:6.8.9.9-5+deb8u7\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libmagick++-6.q16-dev\", ver:\"8:6.8.9.9-5+deb8u7\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libmagick++-dev\", ver:\"8:6.8.9.9-5+deb8u7\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libmagickcore-6-arch-config\", ver:\"8:6.8.9.9-5+deb8u7\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libmagickcore-6-headers\", ver:\"8:6.8.9.9-5+deb8u7\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libmagickcore-6.q16-2\", ver:\"8:6.8.9.9-5+deb8u7\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libmagickcore-6.q16-2-extra\", ver:\"8:6.8.9.9-5+deb8u7\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libmagickcore-6.q16-dev\", ver:\"8:6.8.9.9-5+deb8u7\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libmagickcore-dev\", ver:\"8:6.8.9.9-5+deb8u7\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libmagickwand-6-headers\", ver:\"8:6.8.9.9-5+deb8u7\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libmagickwand-6.q16-2\", ver:\"8:6.8.9.9-5+deb8u7\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libmagickwand-6.q16-dev\", ver:\"8:6.8.9.9-5+deb8u7\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libmagickwand-dev\", ver:\"8:6.8.9.9-5+deb8u7\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"perlmagick\", ver:\"8:6.8.9.9-5+deb8u7\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:34:22", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2017-03-09T00:00:00", "type": "openvas", "title": "Ubuntu Update for imagemagick USN-3222-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-8707", "CVE-2017-5506", "CVE-2016-10144", "CVE-2016-10062", "CVE-2016-10145", "CVE-2017-5508", "CVE-2017-5510", "CVE-2017-5511", "CVE-2016-1016", "CVE-2017-5507"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310843084", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310843084", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Ubuntu Update for imagemagick USN-3222-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.843084\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2017-03-09 05:01:41 +0100 (Thu, 09 Mar 2017)\");\n script_cve_id(\"CVE-2016-10062\", \"CVE-2016-10144\", \"CVE-2016-10145\", \"CVE-2016-1016\", \"CVE-2016-8707\", \"CVE-2017-5506\", \"CVE-2017-5507\", \"CVE-2017-5508\", \"CVE-2017-5510\", \"CVE-2017-5511\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for imagemagick USN-3222-1\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'imagemagick'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"It was discovered that ImageMagick\n incorrectly handled certain malformed image files. If a user or automated system\n using ImageMagick were tricked into opening a specially crafted image, an\n attacker could exploit this to cause a denial of service or possibly execute\n code with the privileges of the user invoking the program.\");\n script_tag(name:\"affected\", value:\"imagemagick on Ubuntu 16.10,\n Ubuntu 16.04 LTS,\n Ubuntu 14.04 LTS,\n Ubuntu 12.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"USN\", value:\"3222-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-3222-1/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(14\\.04 LTS|16\\.10|12\\.04 LTS|16\\.04 LTS)\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU14.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"imagemagick\", ver:\"8:6.7.7.10-6ubuntu3.5\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libmagick++5\", ver:\"8:6.7.7.10-6ubuntu3.5\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libmagickcore5\", ver:\"8:6.7.7.10-6ubuntu3.5\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libmagickcore5-extra\", ver:\"8:6.7.7.10-6ubuntu3.5\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU16.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"imagemagick\", ver:\"8:6.8.9.9-7ubuntu8.4\", rls:\"UBUNTU16.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"imagemagick-6.q16\", ver:\"8:6.8.9.9-7ubuntu8.4\", rls:\"UBUNTU16.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libmagick++-6.q16-5v5\", ver:\"8:6.8.9.9-7ubuntu8.4\", rls:\"UBUNTU16.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libmagickcore-6.q16-2\", ver:\"8:6.8.9.9-7ubuntu8.4\", rls:\"UBUNTU16.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libmagickcore-6.q16-2-extra\", ver:\"8:6.8.9.9-7ubuntu8.4\", rls:\"UBUNTU16.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"imagemagick\", ver:\"8:6.6.9.7-5ubuntu3.8\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libmagick++4\", ver:\"8:6.6.9.7-5ubuntu3.8\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libmagickcore4\", ver:\"8:6.6.9.7-5ubuntu3.8\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libmagickcore4-extra\", ver:\"8:6.6.9.7-5ubuntu3.8\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU16.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"imagemagick\", ver:\"8:6.8.9.9-7ubuntu5.5\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"imagemagick-6.q16\", ver:\"8:6.8.9.9-7ubuntu5.5\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libmagick++-6.q16-5v5\", ver:\"8:6.8.9.9-7ubuntu5.5\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libmagickcore-6.q16-2\", ver:\"8:6.8.9.9-7ubuntu5.5\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libmagickcore-6.q16-2-extra\", ver:\"8:6.8.9.9-7ubuntu5.5\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-03-05T18:35:52", "description": "The host is installed with ImageMagick\n and is prone to memory corruption vulnerability.", "cvss3": {}, "published": "2017-02-20T00:00:00", "type": "openvas", "title": "ImageMagick 'AcquireQuantumPixels' Memory Corruption Vulnerability (Windows)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-8677"], "modified": "2020-03-04T00:00:00", "id": "OPENVAS:1361412562310810557", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310810557", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# ImageMagick 'AcquireQuantumPixels' Memory Corruption Vulnerability (Windows)\n#\n# Authors:\n# Rinu Kuriakose <krinu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:imagemagick:imagemagick\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.810557\");\n script_version(\"2020-03-04T09:29:37+0000\");\n script_cve_id(\"CVE-2016-8677\");\n script_bugtraq_id(93598);\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-03-04 09:29:37 +0000 (Wed, 04 Mar 2020)\");\n script_tag(name:\"creation_date\", value:\"2017-02-20 15:05:25 +0530 (Mon, 20 Feb 2017)\");\n script_tag(name:\"qod_type\", value:\"registry\");\n script_name(\"ImageMagick 'AcquireQuantumPixels' Memory Corruption Vulnerability (Windows)\");\n\n script_tag(name:\"summary\", value:\"The host is installed with ImageMagick\n and is prone to memory corruption vulnerability.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The flaw exists due to a memory corruption\n error in 'AcquireQuantumPixels' function in MagickCore/quantum.c script.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow\n remote attackers to have an unspecified impact via a crafted image file,\n which triggers a memory allocation failure.\");\n\n script_tag(name:\"affected\", value:\"ImageMagick version 7.0.3.0 and prior\n on Windows.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to ImageMagick version 7.0.3.1 or\n later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"URL\", value:\"http://www.openwall.com/lists/oss-security/2016/10/16/1\");\n script_xref(name:\"URL\", value:\"https://blogs.gentoo.org/ago/2016/10/07/imagemagick-memory-allocate-failure-in-acquirequantumpixels-quantum-c\");\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"General\");\n script_dependencies(\"secpod_imagemagick_detect_win.nasl\");\n script_mandatory_keys(\"ImageMagick/Win/Installed\");\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!imVer = get_app_version(cpe:CPE)){\n exit(0);\n}\n\nif(version_is_less_equal(version:imVer, test_version:\"7.0.3.0\"))\n{\n report = report_fixed_ver(installed_version:imVer, fixed_version:'7.0.3.1');\n security_message(data:report);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-03-05T18:37:18", "description": "The host is installed with ImageMagick\n and is prone to memory corruption vulnerability.", "cvss3": {}, "published": "2017-02-21T00:00:00", "type": "openvas", "title": "ImageMagick 'AcquireQuantumPixels' Memory Corruption Vulnerability (Mac OS X)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-8677"], "modified": "2020-03-04T00:00:00", "id": "OPENVAS:1361412562310810559", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310810559", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# ImageMagick 'AcquireQuantumPixels' Memory Corruption Vulnerability (Mac OS X)\n#\n# Authors:\n# Rinu Kuriakose <krinu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:imagemagick:imagemagick\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.810559\");\n script_version(\"2020-03-04T09:29:37+0000\");\n script_cve_id(\"CVE-2016-8677\");\n script_bugtraq_id(93598);\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-03-04 09:29:37 +0000 (Wed, 04 Mar 2020)\");\n script_tag(name:\"creation_date\", value:\"2017-02-21 09:24:08 +0530 (Tue, 21 Feb 2017)\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_name(\"ImageMagick 'AcquireQuantumPixels' Memory Corruption Vulnerability (Mac OS X)\");\n\n script_tag(name:\"summary\", value:\"The host is installed with ImageMagick\n and is prone to memory corruption vulnerability.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The flaw exists due to a memory corruption\n error in 'AcquireQuantumPixels' function in MagickCore/quantum.c script.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow\n remote attackers to have an unspecified impact via a crafted image file,\n which triggers a memory allocation failure.\");\n\n script_tag(name:\"affected\", value:\"ImageMagick version 7.0.3.0 and prior\n on Mac OS X.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to ImageMagick version 7.0.3.1 or\n later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"URL\", value:\"http://www.openwall.com/lists/oss-security/2016/10/16/1\");\n script_xref(name:\"URL\", value:\"https://blogs.gentoo.org/ago/2016/10/07/imagemagick-memory-allocate-failure-in-acquirequantumpixels-quantum-c\");\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"General\");\n script_dependencies(\"gb_imagemagick_detect_macosx.nasl\");\n script_mandatory_keys(\"ImageMagick/MacOSX/Version\");\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!imVer = get_app_version(cpe:CPE)){\n exit(0);\n}\n\nif(version_is_less_equal(version:imVer, test_version:\"7.0.3.0\"))\n{\n report = report_fixed_ver(installed_version:imVer, fixed_version:'7.0.3.1');\n security_message(data:report);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-27T18:32:50", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for ImageMagick (EulerOS-SA-2019-2160)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-13146", "CVE-2016-10252", "CVE-2018-12600", "CVE-2017-13143", "CVE-2016-7539", "CVE-2017-13139", "CVE-2017-15033", "CVE-2016-10145", "CVE-2017-5509", "CVE-2017-5510", "CVE-2018-20467", "CVE-2018-16323", "CVE-2018-16328", "CVE-2018-8804", "CVE-2017-17499", "CVE-2018-16329", "CVE-2017-5507"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220192160", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220192160", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.2160\");\n script_version(\"2020-01-23T12:37:04+0000\");\n script_cve_id(\"CVE-2016-10145\", \"CVE-2016-10252\", \"CVE-2016-7539\", \"CVE-2017-13139\", \"CVE-2017-13143\", \"CVE-2017-13146\", \"CVE-2017-15033\", \"CVE-2017-17499\", \"CVE-2017-5507\", \"CVE-2017-5509\", \"CVE-2017-5510\", \"CVE-2018-12600\", \"CVE-2018-16323\", \"CVE-2018-16328\", \"CVE-2018-16329\", \"CVE-2018-20467\", \"CVE-2018-8804\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 12:37:04 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 12:37:04 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for ImageMagick (EulerOS-SA-2019-2160)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP5\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-2160\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2160\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'ImageMagick' package(s) announced via the EulerOS-SA-2019-2160 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"In ImageMagick before 7.0.8-8, a NULL pointer dereference exists in the GetMagickProperty function in MagickCore/property.c.(CVE-2018-16329)\n\nImageMagick before 6.9.9-24 and 7.x before 7.0.7-12 has a use-after-free in Magick::Image::read in Magick++/lib/Image.cpp.(CVE-2017-17499)\n\nIn ImageMagick before 6.9.8-5 and 7.x before 7.0.5-6, there is a memory leak in the ReadMATImage function in coders/mat.c.(CVE-2017-13146)\n\nIn ImageMagick before 6.9.7-6 and 7.x before 7.0.4-6, the ReadMATImage function in coders/mat.c uses uninitialized data, which might allow remote attackers to obtain sensitive information from process memory.(CVE-2017-13143)\n\nIn ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1, the ReadOneMNGImage function in coders/png.c has an out-of-bounds read with the MNG CLIP chunk.(CVE-2017-13139)\n\ncoders/psd.c in ImageMagick allows remote attackers to have unspecified impact via a crafted PSD file, which triggers an out-of-bounds write.(CVE-2017-5510)\n\ncoders/psd.c in ImageMagick allows remote attackers to have unspecified impact via a crafted PSD file, which triggers an out-of-bounds write.(CVE-2017-5509)\n\nMemory leak in coders/mpc.c in ImageMagick before 6.9.7-4 and 7.x before 7.0.4-4 allows remote attackers to cause a denial of service (memory consumption) via vectors involving a pixel cache.(CVE-2017-5507)\n\nMemory leak in the IsOptionMember function in MagickCore/option.c in ImageMagick before 6.9.2-2, as used in ODR-PadEnc and other products, allows attackers to trigger memory consumption.(CVE-2016-10252)\n\nOff-by-one error in coders/wpg.c in ImageMagick allows remote attackers to have unspecified impact via vectors related to a string copy.(CVE-2016-10145)\n\nMemory leak in AcquireVirtualMemory in ImageMagick before 7 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors.(CVE-2016-7539)\n\nIn coders/bmp.c in ImageMagick before 7.0.8-16, an input file can result in an infinite loop and hang, with high CPU and memory consumption. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted file.(CVE-2018-20467)\n\nIn ImageMagick before 7.0.8-8, a NULL pointer dereference exists in the CheckEventLogging function in MagickCore/log.c.(CVE-2018-16328)\n\nReadXBMImage in coders/xbm.c in ImageMagick before 7.0.8-9 leaves data uninitialized when processing an XBM file that has a negative pixel value. If the affected code is used as a library loaded into a process that includes sensitive information, that information sometimes can be leaked via the image data.(CVE-2018-16323)\n\nWriteEPTImage in coders/ept.c in ImageMa ...\n\n Description truncated. Please see the references for more information.\");\n\n script_tag(name:\"affected\", value:\"'ImageMagick' package(s) on Huawei EulerOS V2.0SP5.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP5\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"ImageMagick\", rpm:\"ImageMagick~6.9.9.38~3.h11.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ImageMagick-c++\", rpm:\"ImageMagick-c++~6.9.9.38~3.h11.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ImageMagick-libs\", rpm:\"ImageMagick-libs~6.9.9.38~3.h11.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ImageMagick-perl\", rpm:\"ImageMagick-perl~6.9.9.38~3.h11.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-01-27T18:33:53", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for ImageMagick (EulerOS-SA-2019-1970)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-5689", "CVE-2016-10144", "CVE-2016-5687", "CVE-2016-5690", "CVE-2016-5691"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220191970", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220191970", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.1970\");\n script_version(\"2020-01-23T12:28:55+0000\");\n script_cve_id(\"CVE-2016-10144\", \"CVE-2016-5687\", \"CVE-2016-5689\", \"CVE-2016-5690\", \"CVE-2016-5691\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 12:28:55 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 12:28:55 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for ImageMagick (EulerOS-SA-2019-1970)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP5\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-1970\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1970\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'ImageMagick' package(s) announced via the EulerOS-SA-2019-1970 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The DCM reader in ImageMagick before 6.9.4-5 and 7.x before 7.0.1-7 allows remote attackers to have unspecified impact by leveraging lack of validation of (1) pixel.red, (2) pixel.green, and (3) pixel.blue.(CVE-2016-5691)\n\nThe ReadDCMImage function in DCM reader in ImageMagick before 6.9.4-5 and 7.x before 7.0.1-7 allows remote attackers to have unspecified impact via vectors involving the for statement in computing the pixel scaling table.(CVE-2016-5690)\n\nThe DCM reader in ImageMagick before 6.9.4-5 and 7.x before 7.0.1-7 allows remote attackers to have unspecified impact by leveraging lack of NULL pointer checks.(CVE-2016-5689)\n\nThe VerticalFilter function in the DDS coder in ImageMagick before 6.9.4-3 and 7.x before 7.0.1-4 allows remote attackers to have unspecified impact via a crafted DDS file, which triggers an out-of-bounds read.(CVE-2016-5687)\n\ncoders/ipl.c in ImageMagick allows remote attackers to have unspecific impact by leveraging a missing malloc check.(CVE-2016-10144)\");\n\n script_tag(name:\"affected\", value:\"'ImageMagick' package(s) on Huawei EulerOS V2.0SP5.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP5\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"ImageMagick\", rpm:\"ImageMagick~6.7.8.9~15.h27.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ImageMagick-c++\", rpm:\"ImageMagick-c++~6.7.8.9~15.h27.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ImageMagick-perl\", rpm:\"ImageMagick-perl~6.7.8.9~15.h27.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:35:29", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2016-12-01T00:00:00", "type": "openvas", "title": "Ubuntu Update for imagemagick USN-3142-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-7799", "CVE-2016-7906", "CVE-2016-8677", "CVE-2016-9556", "CVE-2016-8862"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310842968", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310842968", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Ubuntu Update for imagemagick USN-3142-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.842968\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-12-01 05:39:13 +0100 (Thu, 01 Dec 2016)\");\n script_cve_id(\"CVE-2016-7799\", \"CVE-2016-7906\", \"CVE-2016-8677\", \"CVE-2016-8862\", \"CVE-2016-9556\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for imagemagick USN-3142-1\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'imagemagick'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"It was discovered that ImageMagick incorrectly\n handled certain malformed image files. If a user or automated system using\n ImageMagick were tricked into opening a specially crafted image, an attacker could\n exploit this to cause a denial of service or possibly execute code with the\n privileges of the user invoking the program.\");\n script_tag(name:\"affected\", value:\"imagemagick on Ubuntu 16.04 LTS,\n Ubuntu 14.04 LTS,\n Ubuntu 12.04 LTS,\n Ubuntu 16.10\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"USN\", value:\"3142-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-3142-1/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(14\\.04 LTS|12\\.04 LTS|16\\.04 LTS|16\\.10)\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU14.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"imagemagick\", ver:\"8:6.7.7.10-6ubuntu3.3\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libmagick++5\", ver:\"8:6.7.7.10-6ubuntu3.3\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libmagickcore5\", ver:\"8:6.7.7.10-6ubuntu3.3\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libmagickcore5-extra\", ver:\"8:6.7.7.10-6ubuntu3.3\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"imagemagick\", ver:\"8:6.6.9.7-5ubuntu3.6\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libmagick++4\", ver:\"8:6.6.9.7-5ubuntu3.6\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libmagickcore4\", ver:\"8:6.6.9.7-5ubuntu3.6\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libmagickcore4-extra\", ver:\"8:6.6.9.7-5ubuntu3.6\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU16.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"imagemagick\", ver:\"8:6.8.9.9-7ubuntu5.3\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"imagemagick-6.q16\", ver:\"8:6.8.9.9-7ubuntu5.3\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libmagick++-6.q16-5v5\", ver:\"8:6.8.9.9-7ubuntu5.3\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libmagickcore-6.q16-2\", ver:\"8:6.8.9.9-7ubuntu5.3\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libmagickcore-6.q16-2-extra\", ver:\"8:6.8.9.9-7ubuntu5.3\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU16.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"imagemagick\", ver:\"8:6.8.9.9-7ubuntu8.2\", rls:\"UBUNTU16.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"imagemagick-6.q16\", ver:\"8:6.8.9.9-7ubuntu8.2\", rls:\"UBUNTU16.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libmagick++-6.q16-5v5\", ver:\"8:6.8.9.9-7ubuntu8.2\", rls:\"UBUNTU16.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libmagickcore-6.q16-2\", ver:\"8:6.8.9.9-7ubuntu8.2\", rls:\"UBUNTU16.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libmagickcore-6.q16-2-extra\", ver:\"8:6.8.9.9-7ubuntu8.2\", rls:\"UBUNTU16.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:35:02", "description": "Several issues have been discovered\nin ImageMagick, a popular set of programs and libraries for image manipulation.\nThese issues include several problems in memory handling that can result in a\ndenial of service attack or in execution of arbitrary code by an attacker with\ncontrol on the image input.", "cvss3": {}, "published": "2016-11-26T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 3726-1 (imagemagick - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-7799", "CVE-2016-7906", "CVE-2016-8677", "CVE-2016-9556", "CVE-2016-8862", "CVE-2016-9559"], "modified": "2019-03-18T00:00:00", "id": "OPENVAS:1361412562310703726", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310703726", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3726.nasl 14279 2019-03-18 14:48:34Z cfischer $\n# Auto-generated from advisory DSA 3726-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.703726\");\n script_version(\"$Revision: 14279 $\");\n script_cve_id(\"CVE-2016-7799\", \"CVE-2016-7906\", \"CVE-2016-8677\", \"CVE-2016-8862\",\n \"CVE-2016-9556\", \"CVE-2016-9559\");\n script_name(\"Debian Security Advisory DSA 3726-1 (imagemagick - security update)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:48:34 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-11-26 00:00:00 +0100 (Sat, 26 Nov 2016)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"http://www.debian.org/security/2016/dsa-3726.html\");\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB8\");\n script_tag(name:\"affected\", value:\"imagemagick on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the stable distribution (jessie),\nthese problems have been fixed in version 8:6.8.9.9-5+deb8u6.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 8:6.9.6.5+dfsg-1.\n\nWe recommend that you upgrade your imagemagick packages.\");\n script_tag(name:\"summary\", value:\"Several issues have been discovered\nin ImageMagick, a popular set of programs and libraries for image manipulation.\nThese issues include several problems in memory handling that can result in a\ndenial of service attack or in execution of arbitrary code by an attacker with\ncontrol on the image input.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed\nsoftware version using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"imagemagick\", ver:\"8:6.8.9.9-5+deb8u6\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"imagemagick-6.q16\", ver:\"8:6.8.9.9-5+deb8u6\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"imagemagick-common\", ver:\"8:6.8.9.9-5+deb8u6\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"imagemagick-dbg:amd64\", ver:\"8:6.8.9.9-5+deb8u6\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"imagemagick-dbg:i386\", ver:\"8:6.8.9.9-5+deb8u6\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\n\nif((res = isdpkgvuln(pkg:\"imagemagick-doc\", ver:\"8:6.8.9.9-5+deb8u6\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libimage-magick-perl\", ver:\"8:6.8.9.9-5+deb8u6\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libimage-magick-q16-perl\", ver:\"8:6.8.9.9-5+deb8u6\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libmagick++-6-headers\", ver:\"8:6.8.9.9-5+deb8u6\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libmagick++-6.q16-5:amd64\", ver:\"8:6.8.9.9-5+deb8u6\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libmagick++-6.q16-5:i386\", ver:\"8:6.8.9.9-5+deb8u6\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\n\nif((res = isdpkgvuln(pkg:\"libmagick++-6.q16-dev:amd64\", ver:\"8:6.8.9.9-5+deb8u6\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libmagick++-6.q16-dev:i386\", ver:\"8:6.8.9.9-5+deb8u6\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\n\nif((res = isdpkgvuln(pkg:\"libmagick++-dev\", ver:\"8:6.8.9.9-5+deb8u6\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libmagickcore-6-arch-config:amd64\", ver:\"8:6.8.9.9-5+deb8u6\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libmagickcore-6-arch-config:i386\", ver:\"8:6.8.9.9-5+deb8u6\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\n\nif((res = isdpkgvuln(pkg:\"libmagickcore-6-headers\", ver:\"8:6.8.9.9-5+deb8u6\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libmagickcore-6.q16-2:amd64\", ver:\"8:6.8.9.9-5+deb8u6\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libmagickcore-6.q16-2:i386\", ver:\"8:6.8.9.9-5+deb8u6\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\n\nif((res = isdpkgvuln(pkg:\"libmagickcore-6.q16-2-extra:amd64\", ver:\"8:6.8.9.9-5+deb8u6\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libmagickcore-6.q16-2-extra:i386\", ver:\"8:6.8.9.9-5+deb8u6\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\n\nif((res = isdpkgvuln(pkg:\"libmagickcore-6.q16-dev:amd64\", ver:\"8:6.8.9.9-5+deb8u6\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libmagickcore-6.q16-dev:i386\", ver:\"8:6.8.9.9-5+deb8u6\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\n\nif((res = isdpkgvuln(pkg:\"libmagickcore-dev\", ver:\"8:6.8.9.9-5+deb8u6\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libmagickwand-6-headers\", ver:\"8:6.8.9.9-5+deb8u6\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libmagickwand-6.q16-2:amd64\", ver:\"8:6.8.9.9-5+deb8u6\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libmagickwand-6.q16-2:i386\", ver:\"8:6.8.9.9-5+deb8u6\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\n\nif((res = isdpkgvuln(pkg:\"libmagickwand-6.q16-dev:amd64\", ver:\"8:6.8.9.9-5+deb8u6\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libmagickwand-6.q16-dev:i386\", ver:\"8:6.8.9.9-5+deb8u6\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\n\nif((res = isdpkgvuln(pkg:\"libmagickwand-dev\", ver:\"8:6.8.9.9-5+deb8u6\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"perlmagick\", ver:\"8:6.8.9.9-5+deb8u6\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2017-07-24T12:54:58", "description": "Several issues have been discovered\nin ImageMagick, a popular set of programs and libraries for image manipulation.\nThese issues include several problems in memory handling that can result in a\ndenial of service attack or in execution of arbitrary code by an attacker with\ncontrol on the image input.", "cvss3": {}, "published": "2016-11-26T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 3726-1 (imagemagick - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-7799", "CVE-2016-7906", "CVE-2016-8677", "CVE-2016-9556", "CVE-2016-8862", "CVE-2016-9559"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:703726", "href": "http://plugins.openvas.org/nasl.php?oid=703726", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3726.nasl 6608 2017-07-07 12:05:05Z cfischer $\n# Auto-generated from advisory DSA 3726-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\n\nif(description)\n{\n script_id(703726);\n script_version(\"$Revision: 6608 $\");\n script_cve_id(\"CVE-2016-7799\", \"CVE-2016-7906\", \"CVE-2016-8677\", \"CVE-2016-8862\",\n \"CVE-2016-9556\", \"CVE-2016-9559\");\n script_name(\"Debian Security Advisory DSA 3726-1 (imagemagick - security update)\");\n script_tag(name: \"last_modification\", value: \"$Date: 2017-07-07 14:05:05 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name: \"creation_date\", value: \"2016-11-26 00:00:00 +0100 (Sat, 26 Nov 2016)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name: \"solution_type\", value: \"VendorFix\");\n script_tag(name: \"qod_type\", value: \"package\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2016/dsa-3726.html\");\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: \"imagemagick on Debian Linux\");\n script_tag(name: \"insight\", value: \"ImageMagick is a software suite to\ncreate, edit, and compose bitmap images. It can read, convert and write images\nin a variety of formats (over 100) including DPX, EXR, GIF, JPEG, JPEG-2000,\nPDF, PhotoCD, PNG, Postscript, SVG, and TIFF. Use ImageMagick to translate,\nflip, mirror, rotate, scale, shear and transform images, adjust image colors,\napply various special effects, or draw text, lines, polygons, ellipses and\nBezier curves. All manipulations can be achieved through shell commands as\nwell as through an X11 graphical interface (display).\");\n script_tag(name: \"solution\", value: \"For the stable distribution (jessie),\nthese problems have been fixed in version 8:6.8.9.9-5+deb8u6.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 8:6.9.6.5+dfsg-1.\n\nWe recommend that you upgrade your imagemagick packages.\");\n script_tag(name: \"summary\", value: \"Several issues have been discovered\nin ImageMagick, a popular set of programs and libraries for image manipulation.\nThese issues include several problems in memory handling that can result in a\ndenial of service attack or in execution of arbitrary code by an attacker with\ncontrol on the image input.\");\n script_tag(name: \"vuldetect\", value: \"This check tests the installed\nsoftware version using the apt package manager.\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"imagemagick\", ver:\"8:6.8.9.9-5+deb8u6\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"imagemagick-6.q16\", ver:\"8:6.8.9.9-5+deb8u6\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"imagemagick-common\", ver:\"8:6.8.9.9-5+deb8u6\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"imagemagick-dbg:amd64\", ver:\"8:6.8.9.9-5+deb8u6\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"imagemagick-dbg:i386\", ver:\"8:6.8.9.9-5+deb8u6\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\n\nif ((res = isdpkgvuln(pkg:\"imagemagick-doc\", ver:\"8:6.8.9.9-5+deb8u6\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libimage-magick-perl\", ver:\"8:6.8.9.9-5+deb8u6\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libimage-magick-q16-perl\", ver:\"8:6.8.9.9-5+deb8u6\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libmagick++-6-headers\", ver:\"8:6.8.9.9-5+deb8u6\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libmagick++-6.q16-5:amd64\", ver:\"8:6.8.9.9-5+deb8u6\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libmagick++-6.q16-5:i386\", ver:\"8:6.8.9.9-5+deb8u6\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\n\nif ((res = isdpkgvuln(pkg:\"libmagick++-6.q16-dev:amd64\", ver:\"8:6.8.9.9-5+deb8u6\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libmagick++-6.q16-dev:i386\", ver:\"8:6.8.9.9-5+deb8u6\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\n\nif ((res = isdpkgvuln(pkg:\"libmagick++-dev\", ver:\"8:6.8.9.9-5+deb8u6\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libmagickcore-6-arch-config:amd64\", ver:\"8:6.8.9.9-5+deb8u6\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libmagickcore-6-arch-config:i386\", ver:\"8:6.8.9.9-5+deb8u6\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\n\nif ((res = isdpkgvuln(pkg:\"libmagickcore-6-headers\", ver:\"8:6.8.9.9-5+deb8u6\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libmagickcore-6.q16-2:amd64\", ver:\"8:6.8.9.9-5+deb8u6\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libmagickcore-6.q16-2:i386\", ver:\"8:6.8.9.9-5+deb8u6\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\n\nif ((res = isdpkgvuln(pkg:\"libmagickcore-6.q16-2-extra:amd64\", ver:\"8:6.8.9.9-5+deb8u6\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libmagickcore-6.q16-2-extra:i386\", ver:\"8:6.8.9.9-5+deb8u6\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\n\nif ((res = isdpkgvuln(pkg:\"libmagickcore-6.q16-dev:amd64\", ver:\"8:6.8.9.9-5+deb8u6\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libmagickcore-6.q16-dev:i386\", ver:\"8:6.8.9.9-5+deb8u6\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\n\nif ((res = isdpkgvuln(pkg:\"libmagickcore-dev\", ver:\"8:6.8.9.9-5+deb8u6\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libmagickwand-6-headers\", ver:\"8:6.8.9.9-5+deb8u6\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libmagickwand-6.q16-2:amd64\", ver:\"8:6.8.9.9-5+deb8u6\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libmagickwand-6.q16-2:i386\", ver:\"8:6.8.9.9-5+deb8u6\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\n\nif ((res = isdpkgvuln(pkg:\"libmagickwand-6.q16-dev:amd64\", ver:\"8:6.8.9.9-5+deb8u6\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libmagickwand-6.q16-dev:i386\", ver:\"8:6.8.9.9-5+deb8u6\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\n\nif ((res = isdpkgvuln(pkg:\"libmagickwand-dev\", ver:\"8:6.8.9.9-5+deb8u6\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"perlmagick\", ver:\"8:6.8.9.9-5+deb8u6\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2020-02-05T16:39:09", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for ImageMagick (EulerOS-SA-2019-2354)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-13142", "CVE-2016-7519", "CVE-2016-7529", "CVE-2016-4562", "CVE-2016-7799", "CVE-2016-7526", "CVE-2017-7943", "CVE-2017-6502", "CVE-2017-13146", "CVE-2014-8562", "CVE-2016-8707", "CVE-2016-5688", "CVE-2016-10046", "CVE-2014-8716", "CVE-2019-7175", "CVE-2016-7525", "CVE-2017-13144", "CVE-2016-10066", "CVE-2017-11529", "CVE-2017-6500", "CVE-2016-7530", "CVE-2016-5689", "CVE-2016-10252", "CVE-2017-13658", "CVE-2017-6499", "CVE-2016-10049", "CVE-2015-8902", "CVE-2017-13143", "CVE-2017-11523", "CVE-2016-10071", "CVE-2017-11478", "CVE-2016-10144", "CVE-2016-7539", "CVE-2014-9853", "CVE-2018-6405", "CVE-2015-8901", "CVE-2016-7520", "CVE-2017-6501", "CVE-2016-10061", "CVE-2015-8900", "CVE-2016-7533", "CVE-2015-8903", "CVE-2017-11527", "CVE-2016-10067", "CVE-2017-11525", "CVE-2016-7534", "CVE-2017-13139", "CVE-2016-8866", "CVE-2016-10052", "CVE-2014-8355", "CVE-2016-6491", "CVE-2016-10057", "CVE-2016-10064", "CVE-2016-10062", "CVE-2016-10145", "CVE-2017-11505", "CVE-2016-10056", "CVE-2017-11530", "CVE-2016-7531", "CVE-2016-10068", "CVE-2016-7515", "CVE-2016-10054", "CVE-2016-10063", "CVE-2017-5509", "CVE-2016-10060", "CVE-2016-6823", "CVE-2016-5687", "CVE-2016-10058", "CVE-2016-10053", "CVE-2017-5508", "CVE-2014-8354", "CVE-2016-7516", "CVE-2014-9852", "CVE-2014-9824", "CVE-2017-17504", "CVE-2017-5510", "CVE-2017-13141", "CVE-2016-7517", "CVE-2017-6497", "CVE-2015-8957", "CVE-2016-10059", "CVE-2017-11528", "CVE-2016-7906", "CVE-2016-8677", "CVE-2014-9837", "CVE-2018-20467", "CVE-2016-10065", "CVE-2016-7528", "CVE-2017-7941", "CVE-2016-10055", "CVE-2014-9822", "CVE-2014-9907", "CVE-2018-16323", "CVE-2018-16328", "CVE-2016-7518", "CVE-2016-4563", "CVE-2016-5690", "CVE-2017-11526", "CVE-2015-8958", "CVE-2016-10047", "CVE-2016-7101", "CVE-2016-10070", "CVE-2014-9854", "CVE-2017-17499", "CVE-2017-13140", "CVE-2016-9559", "CVE-2014-9823", "CVE-2016-5691", "CVE-2017-5507", "CVE-2016-10069", "CVE-2017-7942", "CVE-2017-12427", "CVE-2014-9825", "CVE-2017-6498", "CVE-2016-4564", "CVE-2017-13145", "CVE-2017-11524", "CVE-2014-9821"], "modified": "2020-02-05T00:00:00", "id": "OPENVAS:1361412562311220192354", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220192354", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.2354\");\n script_version(\"2020-02-05T08:56:28+0000\");\n script_cve_id(\"CVE-2014-8354\", \"CVE-2014-8355\", \"CVE-2014-8562\", \"CVE-2014-8716\", \"CVE-2014-9821\", \"CVE-2014-9822\", \"CVE-2014-9823\", \"CVE-2014-9824\", \"CVE-2014-9825\", \"CVE-2014-9837\", \"CVE-2014-9852\", \"CVE-2014-9853\", \"CVE-2014-9854\", \"CVE-2014-9907\", \"CVE-2015-8900\", \"CVE-2015-8901\", \"CVE-2015-8902\", \"CVE-2015-8903\", \"CVE-2015-8957\", \"CVE-2015-8958\", \"CVE-2016-10046\", \"CVE-2016-10047\", \"CVE-2016-10049\", \"CVE-2016-10052\", \"CVE-2016-10053\", \"CVE-2016-10054\", \"CVE-2016-10055\", \"CVE-2016-10056\", \"CVE-2016-10057\", \"CVE-2016-10058\", \"CVE-2016-10059\", \"CVE-2016-10060\", \"CVE-2016-10061\", \"CVE-2016-10062\", \"CVE-2016-10063\", \"CVE-2016-10064\", \"CVE-2016-10065\", \"CVE-2016-10066\", \"CVE-2016-10067\", \"CVE-2016-10068\", \"CVE-2016-10069\", \"CVE-2016-10070\", \"CVE-2016-10071\", \"CVE-2016-10144\", \"CVE-2016-10145\", \"CVE-2016-10252\", \"CVE-2016-4562\", \"CVE-2016-4563\", \"CVE-2016-4564\", \"CVE-2016-5687\", \"CVE-2016-5688\", \"CVE-2016-5689\", \"CVE-2016-5690\", \"CVE-2016-5691\", \"CVE-2016-6491\", \"CVE-2016-6823\", \"CVE-2016-7101\", \"CVE-2016-7515\", \"CVE-2016-7516\", \"CVE-2016-7517\", \"CVE-2016-7518\", \"CVE-2016-7519\", \"CVE-2016-7520\", \"CVE-2016-7525\", \"CVE-2016-7526\", \"CVE-2016-7528\", \"CVE-2016-7529\", \"CVE-2016-7530\", \"CVE-2016-7531\", \"CVE-2016-7533\", \"CVE-2016-7534\", \"CVE-2016-7539\", \"CVE-2016-7799\", \"CVE-2016-7906\", \"CVE-2016-8677\", \"CVE-2016-8707\", \"CVE-2016-8866\", \"CVE-2016-9559\", \"CVE-2017-11478\", \"CVE-2017-11505\", \"CVE-2017-11523\", \"CVE-2017-11524\", \"CVE-2017-11525\", \"CVE-2017-11526\", \"CVE-2017-11527\", \"CVE-2017-11528\", \"CVE-2017-11529\", \"CVE-2017-11530\", \"CVE-2017-12427\", \"CVE-2017-13139\", \"CVE-2017-13140\", \"CVE-2017-13141\", \"CVE-2017-13142\", \"CVE-2017-13143\", \"CVE-2017-13144\", \"CVE-2017-13145\", \"CVE-2017-13146\", \"CVE-2017-13658\", \"CVE-2017-17499\", \"CVE-2017-17504\", \"CVE-2017-5507\", \"CVE-2017-5508\", \"CVE-2017-5509\", \"CVE-2017-5510\", \"CVE-2017-6497\", \"CVE-2017-6498\", \"CVE-2017-6499\", \"CVE-2017-6500\", \"CVE-2017-6501\", \"CVE-2017-6502\", \"CVE-2017-7941\", \"CVE-2017-7942\", \"CVE-2017-7943\", \"CVE-2018-16323\", \"CVE-2018-16328\", \"CVE-2018-20467\", \"CVE-2018-6405\", \"CVE-2019-7175\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-02-05 08:56:28 +0000 (Wed, 05 Feb 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 12:49:27 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for ImageMagick (EulerOS-SA-2019-2354)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP2\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-2354\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2354\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'ImageMagick' package(s) announced via the EulerOS-SA-2019-2354 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"In ImageMagick before 7.0.8-25, some memory leaks exist in DecodeImage in coders/pcd.c.(CVE-2019-7175)\n\nReadXBMImage in coders/xbm.c in ImageMagick before 7.0.8-9 leaves data uninitialized when processing an XBM file that has a negative pixel value. If the affected code is used as a library loaded into a process that includes sensitive information, that information sometimes can be leaked via the image data.(CVE-2018-16323)\n\nIn ImageMagick before 7.0.8-8, a NULL pointer dereference exists in the CheckEventLogging function in MagickCore/log.c.(CVE-2018-16328)\n\nThe DrawDashPolygon function in MagickCore/draw.c in ImageMagick before 6.9.4-0 and 7.x before 7.0.1-2 mishandles calculations of certain vertices integer data, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted file.(CVE-2016-4562)\n\nThe TraceStrokePolygon function in MagickCore/draw.c in ImageMagick before 6.9.4-0 and 7.x before 7.0.1-2 mishandles the relationship between the BezierQuantum value and certain strokes data, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted file.(CVE-2016-4563)\n\nThe DrawImage function in MagickCore/draw.c in ImageMagick before 6.9.4-0 and 7.x before 7.0.1-2 makes an incorrect function call in attempting to locate the next token, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted file.(CVE-2016-4564)\n\nThe ReadCINImage function in coders/cin.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1 allows remote attackers to cause a denial of service (memory consumption) via a crafted file.(CVE-2017-11525)\n\nIn coders/bmp.c in ImageMagick before 7.0.8-16, an input file can result in an infinite loop and hang, with high CPU and memory consumption. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted file.(CVE-2018-20467)\n\ncoders/pnm.c in ImageMagick 6.9.0-1 Beta and earlier allows remote attackers to cause a denial of service (crash) via a crafted png file.(CVE-2014-9837)\n\ncoders/sun.c in ImageMagick before 6.9.0-4 Beta allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted SUN file.(CVE-2015-8958)\n\nMemory leak in the ReadPSDLayers function in coders/psd.c in ImageMagick before 6.9.6-3 allows remote attackers to cause a denial of service (memory consumption) via a crafted image file.(CVE-2016-10058)\n\nThe ...\n\n Description truncated. Please see the references for more information.\");\n\n script_tag(name:\"affected\", value:\"'ImageMagick' package(s) on Huawei EulerOS V2.0SP2.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP2\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"ImageMagick\", rpm:\"ImageMagick~6.9.9.38~1.h4\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ImageMagick-c++\", rpm:\"ImageMagick-c++~6.9.9.38~1.h4\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ImageMagick-libs\", rpm:\"ImageMagick-libs~6.9.9.38~1.h4\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ImageMagick-perl\", rpm:\"ImageMagick-perl~6.9.9.38~1.h4\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-04-17T16:54:34", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-04-16T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for ImageMagick (EulerOS-SA-2020-1390)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-13142", "CVE-2016-7519", "CVE-2016-7529", "CVE-2016-4562", "CVE-2016-7799", "CVE-2016-7526", "CVE-2017-7943", "CVE-2017-6502", "CVE-2017-13146", "CVE-2014-8562", "CVE-2016-8707", "CVE-2016-5688", "CVE-2019-13134", "CVE-2016-10046", "CVE-2014-8716", "CVE-2016-7525", "CVE-2017-13144", "CVE-2016-10066", "CVE-2017-11529", "CVE-2017-6500", "CVE-2016-7530", "CVE-2016-5689", "CVE-2016-10252", "CVE-2017-13658", "CVE-2017-6499", "CVE-2016-10049", "CVE-2015-8902", "CVE-2017-13143", "CVE-2017-11523", "CVE-2016-10071", "CVE-2017-11478", "CVE-2016-10144", "CVE-2016-7539", "CVE-2014-9853", "CVE-2018-6405", "CVE-2015-8901", "CVE-2016-7520", "CVE-2017-6501", "CVE-2016-10061", "CVE-2015-8900", "CVE-2016-7533", "CVE-2015-8903", "CVE-2017-11527", "CVE-2016-10067", "CVE-2017-11525", "CVE-2016-7534", "CVE-2017-13139", "CVE-2016-8866", "CVE-2014-8355", "CVE-2016-6491", "CVE-2016-10057", "CVE-2016-10064", "CVE-2016-10062", "CVE-2016-10145", "CVE-2017-11505", "CVE-2016-10056", "CVE-2017-11530", "CVE-2016-7531", "CVE-2016-10068", "CVE-2016-7515", "CVE-2016-10054", "CVE-2016-10063", "CVE-2014-9819", "CVE-2017-5509", "CVE-2016-10060", "CVE-2016-6823", "CVE-2016-5687", "CVE-2016-10058", "CVE-2016-10053", "CVE-2017-5508", "CVE-2014-8354", "CVE-2016-7516", "CVE-2014-9852", "CVE-2014-9824", "CVE-2017-17504", "CVE-2017-5510", "CVE-2017-13141", "CVE-2016-7517", "CVE-2017-6497", "CVE-2015-8957", "CVE-2016-10059", "CVE-2017-11528", "CVE-2016-7906", "CVE-2016-8677", "CVE-2014-9837", "CVE-2018-20467", "CVE-2016-10065", "CVE-2016-7528", "CVE-2017-7941", "CVE-2016-10055", "CVE-2014-9822", "CVE-2014-9907", "CVE-2018-16323", "CVE-2018-16328", "CVE-2016-7518", "CVE-2016-4563", "CVE-2016-5690", "CVE-2017-11526", "CVE-2015-8958", "CVE-2016-10047", "CVE-2016-7101", "CVE-2016-10070", "CVE-2014-9854", "CVE-2017-17499", "CVE-2017-13140", "CVE-2016-9559", "CVE-2014-9823", "CVE-2016-5691", "CVE-2017-5507", "CVE-2016-10069", "CVE-2017-7942", "CVE-2019-13133", "CVE-2017-12427", "CVE-2014-9825", "CVE-2017-6498", "CVE-2016-4564", "CVE-2017-13145", "CVE-2017-11524", "CVE-2014-9821"], "modified": "2020-04-16T00:00:00", "id": "OPENVAS:1361412562311220201390", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220201390", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from the referenced\n# advisories, and are Copyright (C) by the respective right holder(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2020.1390\");\n script_version(\"2020-04-16T05:46:13+0000\");\n script_cve_id(\"CVE-2014-8354\", \"CVE-2014-8355\", \"CVE-2014-8562\", \"CVE-2014-8716\", \"CVE-2014-9821\", \"CVE-2014-9822\", \"CVE-2014-9823\", \"CVE-2014-9824\", \"CVE-2014-9825\", \"CVE-2014-9837\", \"CVE-2014-9852\", \"CVE-2014-9853\", \"CVE-2014-9854\", \"CVE-2014-9907\", \"CVE-2015-8900\", \"CVE-2015-8901\", \"CVE-2015-8902\", \"CVE-2015-8903\", \"CVE-2015-8957\", \"CVE-2015-8958\", \"CVE-2016-10046\", \"CVE-2016-10047\", \"CVE-2016-10049\", \"CVE-2016-10053\", \"CVE-2016-10054\", \"CVE-2016-10055\", \"CVE-2016-10056\", \"CVE-2016-10057\", \"CVE-2016-10058\", \"CVE-2016-10059\", \"CVE-2016-10060\", \"CVE-2016-10061\", \"CVE-2016-10062\", \"CVE-2016-10063\", \"CVE-2016-10064\", \"CVE-2016-10065\", \"CVE-2016-10066\", \"CVE-2016-10067\", \"CVE-2016-10068\", \"CVE-2016-10069\", \"CVE-2016-10070\", \"CVE-2016-10071\", \"CVE-2016-10144\", \"CVE-2016-10145\", \"CVE-2016-10252\", \"CVE-2016-4562\", \"CVE-2016-4563\", \"CVE-2016-4564\", \"CVE-2016-5687\", \"CVE-2016-5688\", \"CVE-2016-5689\", \"CVE-2016-5690\", \"CVE-2016-5691\", \"CVE-2016-6491\", \"CVE-2016-6823\", \"CVE-2016-7101\", \"CVE-2016-7515\", \"CVE-2016-7516\", \"CVE-2016-7517\", \"CVE-2016-7518\", \"CVE-2016-7519\", \"CVE-2016-7520\", \"CVE-2016-7525\", \"CVE-2016-7526\", \"CVE-2016-7528\", \"CVE-2016-7529\", \"CVE-2016-7530\", \"CVE-2016-7531\", \"CVE-2016-7533\", \"CVE-2016-7534\", \"CVE-2016-7539\", \"CVE-2016-7799\", \"CVE-2016-7906\", \"CVE-2016-8677\", \"CVE-2016-8707\", \"CVE-2016-8866\", \"CVE-2016-9559\", \"CVE-2017-11478\", \"CVE-2017-11505\", \"CVE-2017-11523\", \"CVE-2017-11524\", \"CVE-2017-11525\", \"CVE-2017-11526\", \"CVE-2017-11527\", \"CVE-2017-11528\", \"CVE-2017-11529\", \"CVE-2017-11530\", \"CVE-2017-12427\", \"CVE-2017-13139\", \"CVE-2017-13140\", \"CVE-2017-13141\", \"CVE-2017-13142\", \"CVE-2017-13143\", \"CVE-2017-13144\", \"CVE-2017-13145\", \"CVE-2017-13146\", \"CVE-2017-13658\", \"CVE-2017-17499\", \"CVE-2017-17504\", \"CVE-2017-5507\", \"CVE-2017-5508\", \"CVE-2017-5509\", \"CVE-2017-5510\", \"CVE-2017-6497\", \"CVE-2017-6498\", \"CVE-2017-6499\", \"CVE-2017-6500\", \"CVE-2017-6501\", \"CVE-2017-6502\", \"CVE-2017-7941\", \"CVE-2017-7942\", \"CVE-2017-7943\", \"CVE-2018-16323\", \"CVE-2018-16328\", \"CVE-2018-20467\", \"CVE-2018-6405\", \"CVE-2019-13133\", \"CVE-2019-13134\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-04-16 05:46:13 +0000 (Thu, 16 Apr 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-04-16 05:46:13 +0000 (Thu, 16 Apr 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for ImageMagick (EulerOS-SA-2020-1390)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP3\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2020-1390\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1390\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'ImageMagick' package(s) announced via the EulerOS-SA-2020-1390 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The HorizontalFilter function in resize.c in ImageMagick before 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted image file.(CVE-2014-8354)\n\nPCX parser code in ImageMagick before 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds read).(CVE-2014-8355)\n\nDCM decode in ImageMagick before 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds read).(CVE-2014-8562)\n\nThe JPEG decoder in ImageMagick before 6.8.9-9 allows local users to cause a denial of service (out-of-bounds memory access and crash).(CVE-2014-8716)\n\nHeap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted xpm file.(CVE-2014-9821)\n\nHeap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted quantum file.(CVE-2014-9822)\n\nHeap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted palm file, a different vulnerability than CVE-2014-9819.(CVE-2014-9823)\n\nHeap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted psd file, a different vulnerability than CVE-2014-9825.(CVE-2014-9824)\n\nHeap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted psd file, a different vulnerability than CVE-2014-9824.(CVE-2014-9825)\n\ncoders/pnm.c in ImageMagick 6.9.0-1 Beta and earlier allows remote attackers to cause a denial of service (crash) via a crafted png file.(CVE-2014-9837)\n\ndistribute-cache.c in ImageMagick re-uses objects after they have been destroyed, which allows remote attackers to have unspecified impact via unspecified vectors.(CVE-2014-9852)\n\nMemory leak in coders/rle.c in ImageMagick allows remote attackers to cause a denial of service (memory consumption) via a crafted rle file.(CVE-2014-9853)\n\ncoders/tiff.c in ImageMagick allows remote attackers to cause a denial of service (application crash) via vectors related to the ''identification of image.''(CVE-2014-9854)\n\ncoders/dds.c in ImageMagick allows remote attackers to cause a denial of service via a crafted DDS file.(CVE-2014-9907)\n\nThe ReadHDRImage function in coders/hdr.c in ImageMagick 6.x and 7.x allows remote attackers to cause a denial of service (infinite loop) via a crafted HDR file.(CVE-2015-8900)\n\nImageMagick 6.x before 6.9.0-5 Beta allows remote attackers to cause a denial of service (infinite loop) via a crafted MIFF file.(CVE-2015-8901)\n\nThe ReadBlobByte function in coders/pdb.c in ImageMagick 6.x before 6.9.0-5 Beta allows remote attackers ...\n\n Description truncated. Please see the references for more information.\");\n\n script_tag(name:\"affected\", value:\"'ImageMagick' package(s) on Huawei EulerOS V2.0SP3.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP3\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"ImageMagick\", rpm:\"ImageMagick~6.9.9.38~1.h6\", rls:\"EULEROS-2.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ImageMagick-c++\", rpm:\"ImageMagick-c++~6.9.9.38~1.h6\", rls:\"EULEROS-2.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ImageMagick-libs\", rpm:\"ImageMagick-libs~6.9.9.38~1.h6\", rls:\"EULEROS-2.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ImageMagick-perl\", rpm:\"ImageMagick-perl~6.9.9.38~1.h6\", rls:\"EULEROS-2.0SP3\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "debian": [{"lastseen": "2023-05-02T15:55:49", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-3799-1 security@debian.org\nhttps://www.debian.org/security/ Moritz Muehlenhoff\nMarch 01, 2017 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : imagemagick\nCVE ID : CVE-2016-8707 CVE-2016-10062 CVE-2016-10144\n CVE-2016-10145 CVE-2016-10146 CVE-2017-5506\n\t\t CVE-2017-5507 CVE-2017-5508 CVE-2017-5510 CVE-2017-5511\nDebian Bug : 851485 851483 851380 848139 851383 851382 851381\n 851374 851376 849439\n\nThis update fixes several vulnerabilities in imagemagick: Various\nmemory handling problems and cases of missing or incomplete input\nsanitising may result in denial of service or the execution of arbitrary\ncode if malformed TIFF, WPG, IPL, MPC or PSB files are processed.\n\nFor the stable distribution (jessie), these problems have been fixed in\nversion 8:6.8.9.9-5+deb8u7.\n\nFor the testing distribution (stretch), these problems have been fixed\nin version 8:6.9.7.4+dfsg-1.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 8:6.9.7.4+dfsg-1.\n\nWe recommend that you upgrade your imagemagick packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-03-01T22:06:44", "type": "debian", "title": "[SECURITY] [DSA 3799-1] imagemagick security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-10062", "CVE-2016-10144", "CVE-2016-10145", "CVE-2016-10146", "CVE-2016-8707", "CVE-2017-5506", "CVE-2017-5507", "CVE-2017-5508", "CVE-2017-5510", "CVE-2017-5511"], "modified": "2017-03-01T22:06:44", "id": "DEBIAN:DSA-3799-1:CBEDC", "href": "https://lists.debian.org/debian-security-announce/2017/msg00052.html", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-10-21T22:11:49", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-3726-1 security@debian.org\nhttps://www.debian.org/security/ Luciano Bello\nNovember 26, 2016 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : imagemagick\nCVE ID : CVE-2016-7799 CVE-2016-7906 CVE-2016-8677\nDebian Bug : #840437 #845195 #845196 #845198 #845202 #845206 #845212\n #845213 #845242 #845243 #845244 #845246 #840435\n\nSeveral issues have been discovered in ImageMagick, a popular set of\nprograms and libraries for image manipulation. These issues include\nseveral problems in memory handling that can result in a denial of\nservice attack or in execution of arbitrary code by an attacker with\ncontrol on the image input.\n\n\nFor the stable distribution (jessie), these problems have been fixed in\nversion 8:6.8.9.9-5+deb8u6.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 8:6.9.6.5+dfsg-1.\n\nWe recommend that you upgrade your imagemagick packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2016-11-27T04:09:30", "type": "debian", "title": "[SECURITY] [DSA 3726-1] imagemagick security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-7799", "CVE-2016-7906", "CVE-2016-8677"], "modified": "2016-11-27T04:09:30", "id": "DEBIAN:DSA-3726-1:11C95", "href": "https://lists.debian.org/debian-security-announce/2016/msg00308.html", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-05-02T15:57:57", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-3726-1 security@debian.org\nhttps://www.debian.org/security/ Luciano Bello\nNovember 26, 2016 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : imagemagick\nCVE ID : CVE-2016-7799 CVE-2016-7906 CVE-2016-8677\nDebian Bug : #840437 #845195 #845196 #845198 #845202 #845206 #845212\n #845213 #845242 #845243 #845244 #845246 #840435\n\nSeveral issues have been discovered in ImageMagick, a popular set of\nprograms and libraries for image manipulation. These issues include\nseveral problems in memory handling that can result in a denial of\nservice attack or in execution of arbitrary code by an attacker with\ncontrol on the image input.\n\n\nFor the stable distribution (jessie), these problems have been fixed in\nversion 8:6.8.9.9-5+deb8u6.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 8:6.9.6.5+dfsg-1.\n\nWe recommend that you upgrade your imagemagick packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2016-11-27T04:09:30", "type": "debian", "title": "[SECURITY] [DSA 3726-1] imagemagick security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-7799", "CVE-2016-7906", "CVE-2016-8677"], "modified": "2016-11-27T04:09:30", "id": "DEBIAN:DSA-3726-1:AB5D7", "href": "https://lists.debian.org/debian-security-announce/2016/msg00308.html", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "cloudfoundry": [{"lastseen": "2023-06-10T15:35:53", "description": "# \n\n# Severity\n\nMedium\n\n# Vendor\n\nCanonical Ubuntu\n\n# Versions Affected\n\n * Canonical Ubuntu 14.04\n\n# Description\n\nIt was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service or possibly execute code with the privileges of the user invoking the program.\n\n# Affected Cloud Foundry Products and Versions\n\n_Severity is medium unless otherwise noted._\n\n * All versions of Cloud Foundry cflinuxfs2 prior to 1.107.0.\n\n# Mitigation\n\nOSS users are strongly encouraged to follow one of the mitigations below:\n\n * The Cloud Foundry project recommends that Cloud Foundry deployments run with cflinuxfs2 versions 1.107.0. or later.\n\n# References\n\n * [USN-3222-1](<http://www.ubuntu.com/usn/usn-3222-1/>)\n * [CVE-2016-10062](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2016-10062>)\n * [CVE-2016-10144](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2016-10144>)\n * [CVE-2016-10145](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2016-10145>)\n * [CVE-2016-10146](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2016-10146>)\n * [CVE-2016-8707](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2016-8707>)\n * [CVE-2017-5506](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-5506>)\n * [CVE-2017-5507](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-5507>)\n * [CVE-2017-5508](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-5508>)\n * [CVE-2017-5510](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-5510>)\n * [CVE-2017-5511](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-5511>)\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-03-31T00:00:00", "type": "cloudfoundry", "title": "USN-3222-1: ImageMagick vulnerabilities | Cloud Foundry", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-10062", "CVE-2016-10144", "CVE-2016-10145", "CVE-2016-10146", "CVE-2016-8707", "CVE-2017-5506", "CVE-2017-5507", "CVE-2017-5508", "CVE-2017-5510", "CVE-2017-5511"], "modified": "2017-03-31T00:00:00", "id": "CFOUNDRY:34369009FCCF4C09275F6EF965B4832E", "href": "https://www.cloudfoundry.org/blog/usn-3222-1/", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-06-03T15:07:45", "description": "USN-3142-1: ImageMagick vulnerabilities\n\n# \n\nMedium\n\n# Vendor\n\nCanonical Ubuntu\n\n# Versions Affected\n\n * Canonical Ubuntu 14.04 LTS\n\n# Description\n\nIt was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service or possibly execute code with the privileges of the user invoking the program.\n\n# Affected Cloud Foundry Products and Versions\n\nSeverity is medium unless otherwise noted.\n\n* All versions of Cloud Foundry cflinuxfs2 prior to v.1.92.0\n\n# Mitigation\n\nThe Cloud Foundry project recommends that Cloud Foundry deployments run with cflinuxfs2 v.1.92.0 or later versions.\n\n# References\n\n * <https://www.ubuntu.com/usn/usn-3142-1/>\n * <https://github.com/cloudfoundry/stacks/releases/>\n * <http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-7799.html>\n * <http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-7906.html>\n * <http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-8677.html>\n * <http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-8862.html>\n * <http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-9556.html>\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2016-12-27T00:00:00", "type": "cloudfoundry", "title": "USN-3142-1: ImageMagick vulnerabilities | Cloud Foundry", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-7799", "CVE-2016-7906", "CVE-2016-8677", "CVE-2016-8862", "CVE-2016-9556"], "modified": "2016-12-27T00:00:00", "id": "CFOUNDRY:D8534D7A468FE2CF04E2631B6EBB8190", "href": "https://www.cloudfoundry.org/blog/usn-3142-1/", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "ubuntu": [{"lastseen": "2023-06-10T16:02:48", "description": "## Releases\n\n * Ubuntu 16.10 \n * Ubuntu 16.04 ESM\n * Ubuntu 14.04 ESM\n * Ubuntu 12.04 \n\n## Packages\n\n * imagemagick \\- Image manipulation programs and library\n\nIt was discovered that ImageMagick incorrectly handled certain malformed \nimage files. If a user or automated system using ImageMagick were tricked \ninto opening a specially crafted image, an attacker could exploit this to \ncause a denial of service or possibly execute code with the privileges of \nthe user invoking the program.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-03-08T00:00:00", "type": "ubuntu", "title": "ImageMagick vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-10062", "CVE-2016-10144", "CVE-2016-10145", "CVE-2016-10146", "CVE-2016-8707", "CVE-2017-5506", "CVE-2017-5507", "CVE-2017-5508", "CVE-2017-5510", "CVE-2017-5511"], "modified": "2017-03-08T00:00:00", "id": "USN-3222-1", "href": "https://ubuntu.com/security/notices/USN-3222-1", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-06-03T15:47:37", "description": "## Releases\n\n * Ubuntu 16.10 \n * Ubuntu 16.04 ESM\n * Ubuntu 14.04 ESM\n * Ubuntu 12.04 \n\n## Packages\n\n * imagemagick \\- Image manipulation programs and library\n\nIt was discovered that ImageMagick incorrectly handled certain malformed \nimage files. If a user or automated system using ImageMagick were tricked \ninto opening a specially crafted image, an attacker could exploit this to \ncause a denial of service or possibly execute code with the privileges of \nthe user invoking the program.\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2016-11-30T00:00:00", "type": "ubuntu", "title": "ImageMagick vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-7799", "CVE-2016-7906", "CVE-2016-8677", "CVE-2016-8862", "CVE-2016-9556"], "modified": "2016-11-30T00:00:00", "id": "USN-3142-1", "href": "https://ubuntu.com/security/notices/USN-3142-1", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "gentoo": [{"lastseen": "2023-06-10T16:34:43", "description": "### Background\n\nImageMagick is a collection of tools and libraries for many image formats. \n\n### Description\n\nMultiple vulnerabilities have been discovered in ImageMagick. Please review the CVE identifiers referenced below for details. \n\n### Impact\n\nA remote attacker, by enticing a user to process a specially crafted image file, could execute arbitrary code with the privileges of the process or cause a Denial of Service condition. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll ImageMagick users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=media-gfx/imagemagick-6.9.7.4\"", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-02-17T00:00:00", "type": "gentoo", "title": "ImageMagick: Multiple vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-10144", "CVE-2016-10145", "CVE-2016-10146", "CVE-2016-9298", "CVE-2017-5506", "CVE-2017-5507", "CVE-2017-5508", "CVE-2017-5509", "CVE-2017-5510", "CVE-2017-5511"], "modified": "2017-02-17T00:00:00", "id": "GLSA-201702-09", "href": "https://security.gentoo.org/glsa/201702-09", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "redhatcve": [{"lastseen": "2021-09-02T22:51:52", "description": "coders/ipl.c in ImageMagick allows remote attackers to have unspecific impact by leveraging a missing malloc check.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-01-18T14:18:00", "type": "redhatcve", "title": "CVE-2016-10144", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-10144"], "modified": "2019-10-12T00:25:14", "id": "RH:CVE-2016-10144", "href": "https://access.redhat.com/security/cve/cve-2016-10144", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-09-02T22:51:53", "description": "Off-by-one error in coders/wpg.c in ImageMagick allows remote attackers to have unspecified impact via vectors related to a string copy.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-01-18T14:17:54", "type": "redhatcve", "title": "CVE-2016-10145", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-10145"], "modified": "2019-10-12T00:25:17", "id": "RH:CVE-2016-10145", "href": "https://access.redhat.com/security/cve/cve-2016-10145", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-09-02T22:52:03", "description": "Multiple memory leaks in the caption and label handling code in ImageMagick allow remote attackers to cause a denial of service (memory consumption) via unspecified vectors.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2017-01-18T14:49:12", "type": "redhatcve", "title": "CVE-2016-10146", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-10146"], "modified": "2019-10-12T00:25:20", "id": "RH:CVE-2016-10146", "href": "https://access.redhat.com/security/cve/cve-2016-10146", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-09-02T22:53:17", "description": "The AcquireQuantumPixels function in MagickCore/quantum.c in ImageMagick before 7.0.3-1 allows remote attackers to have unspecified impact via a crafted image file, which triggers a memory allocation failure.\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2016-10-17T14:17:21", "type": "redhatcve", "title": "CVE-2016-8677", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-8677"], "modified": "2021-04-22T10:49:09", "id": "RH:CVE-2016-8677", "href": "https://access.redhat.com/security/cve/cve-2016-8677", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-09-02T22:51:43", "description": "Double free vulnerability in magick/profile.c in ImageMagick allows remote attackers to have unspecified impact via a crafted file.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2017-01-18T14:18:11", "type": "redhatcve", "title": "CVE-2017-5506", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-5506"], "modified": "2020-10-16T12:02:05", "id": "RH:CVE-2017-5506", "href": "https://access.redhat.com/security/cve/cve-2017-5506", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-09-02T22:51:49", "description": "Heap-based buffer overflow in the PushQuantumPixel function in ImageMagick before 6.9.7-3 and 7.x before 7.0.4-3 allows remote attackers to cause a denial of service (application crash) via a crafted TIFF file.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 5.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 3.6}, "published": "2017-01-18T14:48:46", "type": "redhatcve", "title": "CVE-2017-5508", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-5508"], "modified": "2019-10-12T00:56:34", "id": "RH:CVE-2017-5508", "href": "https://access.redhat.com/security/cve/cve-2017-5508", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-09-02T22:51:45", "description": "Memory leak in coders/mpc.c in ImageMagick before 6.9.7-4 and 7.x before 7.0.4-4 allows remote attackers to cause a denial of service (memory consumption) via vectors involving a pixel cache.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2017-01-18T14:18:05", "type": "redhatcve", "title": "CVE-2017-5507", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-5507"], "modified": "2020-10-16T12:02:05", "id": "RH:CVE-2017-5507", "href": "https://access.redhat.com/security/cve/cve-2017-5507", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-09-02T22:51:49", "description": "coders/psd.c in ImageMagick allows remote attackers to have unspecified impact via a crafted PSD file, which triggers an out-of-bounds write.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2017-01-18T14:48:54", "type": "redhatcve", "title": "CVE-2017-5510", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-5510"], "modified": "2020-10-29T12:07:08", "id": "RH:CVE-2017-5510", "href": "https://access.redhat.com/security/cve/cve-2017-5510", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-09-02T22:51:49", "description": "coders/psd.c in ImageMagick allows remote attackers to have unspecified impact by leveraging an improper cast, which triggers a heap-based buffer overflow.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-01-18T14:49:05", "type": "redhatcve", "title": "CVE-2017-5511", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-5511"], "modified": "2019-10-12T00:56:39", "id": "RH:CVE-2017-5511", "href": "https://access.redhat.com/security/cve/cve-2017-5511", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "veracode": [{"lastseen": "2023-04-18T16:14:02", "description": "ImageMagick is vulnerable to denial of service (DoS) attacks. A malicious user can pass a malicious ipl file to the system that can cause the system to crash.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-03-19T08:18:23", "type": "veracode", "title": "Denial Of Service (DoS)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-10144"], "modified": "2019-05-15T06:18:18", "id": "VERACODE:3677", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-3677/summary", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-04-18T16:11:02", "description": "ImageMagick is susceptible to denial of service (DoS) attacks. The vulnerability is possible because there are multiple memory leaks in the caption and label handling code.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2017-03-27T06:07:09", "type": "veracode", "title": "Denial Of Service (DoS)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-10146"], "modified": "2019-05-15T06:18:18", "id": "VERACODE:3786", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-3786/summary", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-04-18T16:16:31", "description": "ImageMagick is vulnerable to denial-of-service (DoS) attacks. The library contains a double free bug, allowing a malicious user to pass a malicious image to the system and cause the system to crash.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2017-03-19T13:00:53", "type": "veracode", "title": "Denial Of Service (DoS)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-5506"], "modified": "2020-10-15T19:09:43", "id": "VERACODE:3680", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-3680/summary", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-04-18T16:16:43", "description": "ImageMagick is vulnerable to denial of service (DoS) attacks. The vulnerability exists due to an out-of-bounds write flaw in the handling of .psd files.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2017-03-17T07:55:00", "type": "veracode", "title": "Denial Of Service (DoS) Via Heap Overflow", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-5510"], "modified": "2020-10-28T21:39:17", "id": "VERACODE:3674", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-3674/summary", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-04-18T16:13:05", "description": "ImageMagick is susceptible to the leakage of data. It is possible because ImageMagick doesn't suitably cast, leading to a heap-based buffer overflow and leakage of data.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-04-04T05:58:47", "type": "veracode", "title": "Leakage Of Data", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-5511"], "modified": "2019-05-15T06:18:34", "id": "VERACODE:3835", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-3835/summary", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "cve": [{"lastseen": "2023-06-10T15:18:38", "description": "coders/ipl.c in ImageMagick allows remote attackers to have unspecific impact by leveraging a missing malloc check.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-03-24T15:59:00", "type": "cve", "title": "CVE-2016-10144", "cwe": ["CWE-284"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-10144"], "modified": "2017-11-04T01:29:00", "cpe": ["cpe:/a:imagemagick:imagemagick:*"], "id": "CVE-2016-10144", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10144", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*"]}, {"lastseen": "2023-06-10T15:18:38", "description": "Off-by-one error in coders/wpg.c in ImageMagick allows remote attackers to have unspecified impact via vectors related to a string copy.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-03-24T15:59:00", "type": "cve", "title": "CVE-2016-10145", "cwe": ["CWE-189"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-10145"], "modified": "2017-11-04T01:29:00", "cpe": ["cpe:/a:imagemagick:imagemagick:*"], "id": "CVE-2016-10145", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10145", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*"]}, {"lastseen": "2023-06-10T15:18:39", "description": "Multiple memory leaks in the caption and label handling code in ImageMagick allow remote attackers to cause a denial of service (memory consumption) via unspecified vectors.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2017-03-24T15:59:00", "type": "cve", "title": "CVE-2016-10146", "cwe": ["CWE-399"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-10146"], "modified": "2017-11-04T01:29:00", "cpe": ["cpe:/a:imagemagick:imagemagick:*"], "id": "CVE-2016-10146", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10146", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, "cpe23": ["cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*"]}, {"lastseen": "2023-06-03T14:44:54", "description": "The AcquireQuantumPixels function in MagickCore/quantum.c in ImageMagick before 7.0.3-1 allows remote attackers to have unspecified impact via a crafted image file, which triggers a memory allocation failure.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2017-02-15T21:59:00", "type": "cve", "title": "CVE-2016-8677", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-8677"], "modified": "2021-04-20T15:29:00", "cpe": ["cpe:/o:debian:debian_linux:8.0", "cpe:/o:opensuse:opensuse:13.2"], "id": "CVE-2016-8677", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8677", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"]}, {"lastseen": "2023-06-05T15:22:01", "description": "Double free vulnerability in magick/profile.c in ImageMagick allows remote attackers to have unspecified impact via a crafted file.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2017-03-24T15:59:00", "type": "cve", "title": "CVE-2017-5506", "cwe": ["CWE-415"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-5506"], "modified": "2020-10-15T16:08:00", "cpe": ["cpe:/a:imagemagick:imagemagick:*", "cpe:/o:debian:debian_linux:9.0", "cpe:/o:debian:debian_linux:8.0"], "id": "CVE-2017-5506", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5506", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"]}, {"lastseen": "2023-06-05T15:22:03", "description": "Heap-based buffer overflow in the PushQuantumPixel function in ImageMagick before 6.9.7-3 and 7.x before 7.0.4-3 allows remote attackers to cause a denial of service (application crash) via a crafted TIFF file.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2017-03-24T15:59:00", "type": "cve", "title": "CVE-2017-5508", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-5508"], "modified": "2017-11-04T01:29:00", "cpe": ["cpe:/a:imagemagick:imagemagick:7.0.1-1", "cpe:/a:imagemagick:imagemagick:7.0.2-7", "cpe:/a:imagemagick:imagemagick:7.0.2-3", "cpe:/a:imagemagick:imagemagick:7.0.2-10", "cpe:/a:imagemagick:imagemagick:7.0.2-4", "cpe:/a:imagemagick:imagemagick:7.0.3-6", "cpe:/a:imagemagick:imagemagick:7.0.3-10", "cpe:/a:imagemagick:imagemagick:7.0.1-2", "cpe:/a:imagemagick:imagemagick:7.0.1-3", "cpe:/a:imagemagick:imagemagick:7.0.1-6", "cpe:/a:imagemagick:imagemagick:7.0.2-0", "cpe:/a:imagemagick:imagemagick:7.0.3-9", "cpe:/a:imagemagick:imagemagick:7.0.1-4", "cpe:/a:imagemagick:imagemagick:7.0.2-9", "cpe:/a:imagemagick:imagemagick:7.0.2-1", "cpe:/a:imagemagick:imagemagick:7.0.1-10", "cpe:/a:imagemagick:imagemagick:7.0.3-2", "cpe:/a:imagemagick:imagemagick:7.0.1-7", "cpe:/a:imagemagick:imagemagick:7.0.2-8", "cpe:/a:imagemagick:imagemagick:7.0.4-0", "cpe:/a:imagemagick:imagemagick:7.0.1-9", "cpe:/a:imagemagick:imagemagick:7.0.1-5", "cpe:/a:imagemagick:imagemagick:7.0.2-5", "cpe:/a:imagemagick:imagemagick:7.0.3-7", "cpe:/a:imagemagick:imagemagick:7.0.3-0", "cpe:/a:imagemagick:imagemagick:7.0.3-4", "cpe:/a:imagemagick:imagemagick:7.0.3-8", "cpe:/a:imagemagick:imagemagick:6.9.7-2", "cpe:/a:imagemagick:imagemagick:7.0.2-2", "cpe:/a:imagemagick:imagemagick:7.0.4-2", "cpe:/a:imagemagick:imagemagick:7.0.4-1", "cpe:/a:imagemagick:imagemagick:7.0.3-1", "cpe:/a:imagemagick:imagemagick:7.0.1-8", "cpe:/a:imagemagick:imagemagick:7.0.3-5", "cpe:/a:imagemagick:imagemagick:7.0.2-6", "cpe:/a:imagemagick:imagemagick:7.0.1-0", "cpe:/a:imagemagick:imagemagick:7.0.3-3"], "id": "CVE-2017-5508", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5508", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:imagemagick:imagemagick:7.0.1-5:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:7.0.3-2:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:7.0.2-5:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:7.0.2-9:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:7.0.2-1:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:7.0.3-10:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:7.0.2-7:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:7.0.3-1:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:7.0.2-8:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:7.0.1-1:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:7.0.3-3:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:7.0.1-7:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:7.0.1-8:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:7.0.1-4:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:7.0.4-1:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:7.0.3-8:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:7.0.2-10:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:6.9.7-2:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:7.0.3-9:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:7.0.2-0:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:7.0.2-2:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:7.0.3-7:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:7.0.1-3:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:7.0.2-6:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:7.0.4-0:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:7.0.4-2:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:7.0.3-5:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:7.0.1-0:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:7.0.3-4:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:7.0.1-10:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:7.0.3-6:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:7.0.3-0:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:7.0.1-6:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:7.0.1-2:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:7.0.2-3:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:7.0.1-9:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:7.0.2-4:*:*:*:*:*:*:*"]}, {"lastseen": "2023-06-05T15:22:01", "description": "Memory leak in coders/mpc.c in ImageMagick before 6.9.7-4 and 7.x before 7.0.4-4 allows remote attackers to cause a denial of service (memory consumption) via vectors involving a pixel cache.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2017-03-24T15:59:00", "type": "cve", "title": "CVE-2017-5507", "cwe": ["CWE-772"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-5507"], "modified": "2020-10-15T16:08:00", "cpe": ["cpe:/a:imagemagick:imagemagick:7.0.1-1", "cpe:/a:imagemagick:imagemagick:7.0.2-7", "cpe:/a:imagemagick:imagemagick:7.0.2-3", "cpe:/a:imagemagick:imagemagick:7.0.2-10", "cpe:/a:imagemagick:imagemagick:7.0.2-4", "cpe:/a:imagemagick:imagemagick:7.0.3-6", "cpe:/a:imagemagick:imagemagick:7.0.3-10", "cpe:/a:imagemagick:imagemagick:7.0.1-2", "cpe:/a:imagemagick:imagemagick:7.0.1-3", "cpe:/a:imagemagick:imagemagick:7.0.1-6", "cpe:/a:imagemagick:imagemagick:7.0.2-0", "cpe:/a:imagemagick:imagemagick:7.0.3-9", "cpe:/a:imagemagick:imagemagick:7.0.1-4", "cpe:/a:imagemagick:imagemagick:7.0.2-9", "cpe:/a:imagemagick:imagemagick:7.0.2-1", "cpe:/a:imagemagick:imagemagick:7.0.1-10", "cpe:/a:imagemagick:imagemagick:7.0.3-2", "cpe:/a:imagemagick:imagemagick:7.0.1-7", "cpe:/a:imagemagick:imagemagick:7.0.2-8", "cpe:/a:imagemagick:imagemagick:7.0.4-0", "cpe:/a:imagemagick:imagemagick:7.0.1-9", "cpe:/a:imagemagick:imagemagick:7.0.1-5", "cpe:/a:imagemagick:imagemagick:7.0.4-3", "cpe:/a:imagemagick:imagemagick:7.0.2-5", "cpe:/a:imagemagick:imagemagick:7.0.3-7", "cpe:/a:imagemagick:imagemagick:7.0.3-0", "cpe:/a:imagemagick:imagemagick:7.0.3-4", "cpe:/o:debian:debian_linux:8.0", "cpe:/a:imagemagick:imagemagick:7.0.3-8", "cpe:/a:imagemagick:imagemagick:6.9.7-3", "cpe:/a:imagemagick:imagemagick:7.0.2-2", "cpe:/a:imagemagick:imagemagick:7.0.4-2", "cpe:/a:imagemagick:imagemagick:7.0.4-1", "cpe:/a:imagemagick:imagemagick:7.0.3-1", "cpe:/a:imagemagick:imagemagick:7.0.1-8", "cpe:/a:imagemagick:imagemagick:7.0.3-5", "cpe:/a:imagemagick:imagemagick:7.0.2-6", "cpe:/o:debian:debian_linux:9.0", "cpe:/a:imagemagick:imagemagick:7.0.1-0", "cpe:/a:imagemagick:imagemagick:7.0.3-3"], "id": "CVE-2017-5507", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5507", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, "cpe23": ["cpe:2.3:a:imagemagick:imagemagick:7.0.1-5:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:7.0.3-2:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:7.0.2-5:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:7.0.2-9:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:7.0.2-1:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:7.0.3-10:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:7.0.2-7:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:7.0.3-1:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:7.0.2-8:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:7.0.1-1:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:6.9.7-3:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:7.0.3-3:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:7.0.1-7:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:7.0.1-8:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:7.0.1-4:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:7.0.4-1:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:7.0.3-8:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:7.0.2-10:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:7.0.3-9:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:7.0.2-0:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:7.0.2-2:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:7.0.3-7:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:7.0.1-3:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:7.0.2-6:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:7.0.4-0:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:7.0.4-2:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:7.0.3-5:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:7.0.1-0:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:7.0.3-4:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:7.0.1-10:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:7.0.3-6:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:7.0.3-0:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:7.0.4-3:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:7.0.1-6:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:7.0.1-2:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:7.0.2-3:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:7.0.1-9:*:*:*:*:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:7.0.2-4:*:*:*:*:*:*:*"]}, {"lastseen": "2023-06-05T15:22:03", "description": "coders/psd.c in ImageMagick allows remote attackers to have unspecified impact via a crafted PSD file, which triggers an out-of-bounds write.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2017-03-24T15:59:00", "type": "cve", "title": "CVE-2017-5510", "cwe": ["CWE-787"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact&q
[SECURITY] [DLA 807-1] imagemagick security update
