Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
mageiaGentoo FoundationMGASA-2014-0087
HistoryFeb 21, 2014 - 10:10 p.m.

Updated imagemagick package fixes security vulnerabilities

2014-02-2122:10:03
Gentoo Foundation
advisories.mageia.org
9

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.016 Low

EPSS

Percentile

87.3%

JSON

A buffer overflow flaw was found in the way ImageMagick handled PSD images that use RLE encoding. An attacker could create a malicious PSD image file that, when opened in ImageMagick, would cause ImageMagick to crash or, potentially, execute arbitrary code with the privileges of the user running ImageMagick (CVE-2014-1958). A buffer overflow flaw was found in the way ImageMagick writes PSD images when the input data has a large number of unlabeled layers (CVE-2014-2030).

OSVersionArchitecturePackageVersionFilename
Mageia3noarchimagemagick< 6.8.1.1-2.1imagemagick-6.8.1.1-2.1.mga3
Mageia4noarchimagemagick< 6.8.7.0-2.1imagemagick-6.8.7.0-2.1.mga4

Related

cve 3
openvas 9
nessus 9
ubuntucve 3
prion 3
debiancve 3
securityvulns 2
debian 1
osv 1
ubuntu 1
fedora 1
amazon 1
gentoo 1
cve
cve
CVE-2014-1958
2020-02-06 15:15:00
CVE-2014-1947
2020-02-17 21:15:00
CVE-2014-2030
2020-02-06 15:15:00
openvas
openvas
Mageia: Security Advisory (MGASA-2014-0087)
2022-01-28 00:00:00
Ubuntu: Security Advisory (USN-2132-1)
2014-03-12 00:00:00
Fedora Update for ImageMagick FEDORA-2014-4969
2014-04-16 00:00:00
nessus
nessus
ImageMagick < 6.8.8-5 Multiple PSD Handling Buffer Overflows
2014-02-27 00:00:00
openSUSE Security Update : ImageMagick (openSUSE-SU-2014:0362-1)
2014-06-13 00:00:00
Amazon Linux AMI : ImageMagick (ALAS-2014-336)
2014-10-12 00:00:00
ubuntucve
ubuntucve
CVE-2014-1958
2014-02-21 00:00:00
CVE-2014-1947
2020-02-17 00:00:00
CVE-2014-2030
2014-02-21 00:00:00
prion
prion
Buffer overflow
2020-02-06 15:15:00
Stack overflow
2020-02-06 15:15:00
Stack overflow
2020-02-17 21:15:00
debiancve
debiancve
CVE-2014-1958
2020-02-06 15:15:00
CVE-2014-2030
2020-02-06 15:15:00
CVE-2014-1947
2020-02-17 21:15:00
securityvulns
securityvulns
Imagemagic security vulnerabilities
2014-03-31 00:00:00
[USN-2132-1] ImageMagick vulnerabilities
2014-03-31 00:00:00
debian
debian
[SECURITY] [DSA 2898-1] imagemagick security update
2014-04-09 17:11:54
osv
osv
imagemagick - security update
2014-04-09 00:00:00
ubuntu
ubuntu
ImageMagick vulnerabilities
2014-03-06 00:00:00
fedora
fedora
[SECURITY] Fedora 20 Update: ImageMagick-6.8.6.3-4.fc20
2014-04-15 15:38:07
amazon
amazon
Medium: ImageMagick
2014-05-13 14:03:00
gentoo
gentoo
ImageMagick: Multiple vulnerabilities
2014-05-17 00:00:00

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.016 Low

EPSS

Percentile

87.3%

JSON
Related for MGASA-2014-0087
cve3openvas9nessus9ubuntucve3prion3debiancve3securityvulns2debian1osv1ubuntu1fedora1amazon1gentoo1