The updated packages fix a security vulnerability

2016-10-08T20:18:54

Description

Unsigned underflow leading to heap overflow when parsing 8BIM chunk (CVE-2016-7800). Two issues in the WPG reader (CVE-2016-7996, CVE-2016-7997).

Affected Package

OS	OS Version	Package Name	Package Version
Mageia	5	graphicsmagick	1.3.25-1.2

{"id": "MGASA-2016-0337", "vendorId": null, "type": "mageia", "bulletinFamily": "unix", "title": "The updated packages fix a security vulnerability\n", "description": "Unsigned underflow leading to heap overflow when parsing 8BIM chunk (CVE-2016-7800). Two issues in the WPG reader (CVE-2016-7996, CVE-2016-7997). \n", "published": "2016-10-08T20:18:54", "modified": "2016-10-08T20:18:53", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cvss2": {"cvssV2": {"version": "2.0", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "accessVector": "NETWORK", "accessComplexity": "LOW", "authentication": "NONE", "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "baseScore": 7.5}, "severity": "HIGH", "exploitabilityScore": 10.0, "impactScore": 6.4, "acInsufInfo": true, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}, "cvss3": {"cvssV3": {"version": "3.0", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL"}, "exploitabilityScore": 3.9, "impactScore": 5.9}, "href": "https://advisories.mageia.org/MGASA-2016-0337.html", "reporter": "Gentoo Foundation", "references": ["https://bugs.mageia.org/show_bug.cgi?id=19506", "http://openwall.com/lists/oss-security/2016/10/01/7", "http://openwall.com/lists/oss-security/2016/10/08/5"], "cvelist": ["CVE-2016-7800", "CVE-2016-7996", "CVE-2016-7997"], "immutableFields": [], "lastseen": "2022-04-18T11:19:34", "viewCount": 8, "enchantments": {"score": {"value": 2.6, "vector": "NONE"}, "dependencies": {"references": [{"type": "amazon", "idList": ["ALAS-2017-820"]}, {"type": "cve", "idList": ["CVE-2016-7800", "CVE-2016-7996", "CVE-2016-7997"]}, {"type": "debian", "idList": ["DEBIAN:DLA-651-1:36F8B", "DEBIAN:DLA-683-1:B3C9A", "DEBIAN:DSA-3746-1:7E756", "DEBIAN:DSA-3746-1:A9B4D"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2016-7800", "DEBIANCVE:CVE-2016-7996", "DEBIANCVE:CVE-2016-7997"]}, {"type": "fedora", "idList": ["FEDORA:03F756157A10", "FEDORA:EDE9A63AA70C"]}, {"type": "freebsd", "idList": ["25F73C47-68A8-4A30-9CBC-1CA5EEA4D6BA"]}, {"type": "mageia", "idList": ["MGASA-2017-0229"]}, {"type": "nessus", "idList": ["ALA_ALAS-2017-820.NASL", "DEBIAN_DLA-651.NASL", "DEBIAN_DLA-683.NASL", "DEBIAN_DSA-3746.NASL", "FEDORA_2017-C71A0F40F0.NASL", "FEDORA_2017-D2BAB54AC9.NASL", "FREEBSD_PKG_25F73C4768A84A309CBC1CA5EEA4D6BA.NASL", "OPENSUSE-2016-1229.NASL", "OPENSUSE-2016-1230.NASL", "OPENSUSE-2016-1242.NASL", "OPENSUSE-2016-1282.NASL", "OPENSUSE-2016-1430.NASL", "SUSE_SU-2016-2667-1.NASL", "SUSE_SU-2016-2964-1.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310703746", "OPENVAS:1361412562310810537", "OPENVAS:1361412562310851511", "OPENVAS:1361412562310872461", "OPENVAS:1361412562310872471", "OPENVAS:703746"]}, {"type": "osv", "idList": ["OSV:DLA-651-1", "OSV:DLA-683-1", "OSV:DSA-3746-1"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2016:3060-1", "SUSE-SU-2016:2964-1", "SUSE-SU-2017:3435-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2016-7800", "UB:CVE-2016-7996", "UB:CVE-2016-7997"]}]}, "epss": [{"cve": "CVE-2016-7800", "epss": "0.023940000", "percentile": "0.881980000", "modified": "2023-03-19"}, {"cve": "CVE-2016-7996", "epss": "0.004230000", "percentile": "0.702570000", "modified": "2023-03-19"}, {"cve": "CVE-2016-7997", "epss": "0.003960000", "percentile": "0.693460000", "modified": "2023-03-19"}], "vulnersScore": 2.6}, "_state": {"dependencies": 1659986029, "score": 1659973262, "epss": 1679288289}, "_internal": {"score_hash": "2dacdc496f73cfef0d6dd7647537af22"}, "affectedPackage": [{"OS": "Mageia", "OSVersion": "5", "arch": "noarch", "packageVersion": "1.3.25-1.2", "operator": "lt", "packageFilename": "graphicsmagick-1.3.25-1.2.mga5", "packageName": "graphicsmagick"}]}

{"openvas": [{"lastseen": "2019-07-17T14:21:13", "description": "This host is installed with GraphicsMagick\n and is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2017-02-02T00:00:00", "type": "openvas", "title": "GraphicsMagick Multiple Vulnerabilities - Feb17 (Windows)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-7997", "CVE-2016-7996", "CVE-2016-7800"], "modified": "2019-07-05T00:00:00", "id": "OPENVAS:1361412562310810537", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310810537", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# GraphicsMagick Multiple Vulnerabilities - Feb17 (Windows)\n#\n# Authors:\n# Rinu Kuriakose <krinu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:graphicsmagick:graphicsmagick\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.810537\");\n script_version(\"2019-07-05T10:41:31+0000\");\n script_cve_id(\"CVE-2016-7996\", \"CVE-2016-7997\", \"CVE-2016-7800\");\n script_bugtraq_id(93467, 93464, 96135);\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-07-05 10:41:31 +0000 (Fri, 05 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2017-02-02 14:58:13 +0530 (Thu, 02 Feb 2017)\");\n script_name(\"GraphicsMagick Multiple Vulnerabilities - Feb17 (Windows)\");\n\n script_tag(name:\"summary\", value:\"This host is installed with GraphicsMagick\n and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exists as,\n\n - In a build with QuantumDepth=8 (the default), there is no check that the\n provided colormap is not larger than 256 entries, resulting in potential\n heap overflow.\n\n - A logic error which leads to passing a NULL pointer where a NULL pointer\n is not allowed.\n\n - An integer underflow error in the parse8BIM function in coders/meta.c\n script.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote\n attackers to cause a denial of service and to have unspecified impact.\");\n\n script_tag(name:\"affected\", value:\"GraphicsMagick version 1.3.25 and earlier\n on Windows\");\n\n script_tag(name:\"solution\", value:\"Apply the appropriate patch from the vendor.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"qod_type\", value:\"registry\");\n\n script_xref(name:\"URL\", value:\"http://www.openwall.com/lists/oss-security/2016/10/08/5\");\n script_xref(name:\"URL\", value:\"http://www.openwall.com/lists/oss-security/2016/10/01/7\");\n script_xref(name:\"URL\", value:\"http://seclists.org/oss-sec/2016/q4/55\");\n\n script_category(ACT_GATHER_INFO);\n script_family(\"General\");\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_dependencies(\"gb_graphicsmagick_detect_win.nasl\");\n script_mandatory_keys(\"GraphicsMagick/Win/Installed\");\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif(!gmVer = get_app_version(cpe:CPE)){\n exit(0);\n}\n\nif(version_is_less_equal(version:gmVer, test_version:\"1.3.25\"))\n{\n report = report_fixed_ver(installed_version:gmVer, fixed_version:\"Apply the patch\");\n security_message(data:report);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:33:58", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2017-03-09T00:00:00", "type": "openvas", "title": "Fedora Update for GraphicsMagick FEDORA-2017-c71a0f40f0", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-8683", "CVE-2016-7997", "CVE-2016-7996", "CVE-2016-8684", "CVE-2016-7800", "CVE-2016-8682"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310872461", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310872461", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for GraphicsMagick FEDORA-2017-c71a0f40f0\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.872461\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2017-03-09 17:44:17 +0100 (Thu, 09 Mar 2017)\");\n script_cve_id(\"CVE-2016-8682\", \"CVE-2016-8683\", \"CVE-2016-8684\", \"CVE-2016-7996\",\n \"CVE-2016-7997\", \"CVE-2016-7800\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for GraphicsMagick FEDORA-2017-c71a0f40f0\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'GraphicsMagick'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"GraphicsMagick on Fedora 25\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2017-c71a0f40f0\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2DLPLLMLNBNAT7YWOSVGDII4AM3IADJP\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC25\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC25\")\n{\n\n if ((res = isrpmvuln(pkg:\"GraphicsMagick\", rpm:\"GraphicsMagick~1.3.25~6.fc25\", rls:\"FC25\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:34:02", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2017-03-13T00:00:00", "type": "openvas", "title": "Fedora Update for GraphicsMagick FEDORA-2017-d2bab54ac9", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-8683", "CVE-2016-7997", "CVE-2016-7996", "CVE-2016-8684", "CVE-2016-7800", "CVE-2016-8682"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310872471", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310872471", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for GraphicsMagick FEDORA-2017-d2bab54ac9\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.872471\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2017-03-13 05:54:43 +0100 (Mon, 13 Mar 2017)\");\n script_cve_id(\"CVE-2016-7800\", \"CVE-2016-7996\", \"CVE-2016-7997\", \"CVE-2016-8682\",\n \"CVE-2016-8683\", \"CVE-2016-8684\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for GraphicsMagick FEDORA-2017-d2bab54ac9\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'GraphicsMagick'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"GraphicsMagick on Fedora 24\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2017-d2bab54ac9\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JHZLLNOYXORASQYEB6VZ6V2FL4FGNKTD\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC24\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC24\")\n{\n\n if ((res = isrpmvuln(pkg:\"GraphicsMagick\", rpm:\"GraphicsMagick~1.3.25~6.fc24\", rls:\"FC24\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2017-07-24T12:54:31", "description": "Several vulnerabilities have been discovered in GraphicsMagick, a collection of image processing tool, which can\ncause denial of service attacks, remote file deletion, and remote command execution.\n\nThis security update removes the full support of PLT/Gnuplot decoder to\nprevent Gnuplot-shell based shell exploits for fixing the\nCVE-2016-3714 vulnerability.\n\nThe undocumented TMP magick prefix no longer removes the argument file\nafter it has been read for fixing the CVE-2016-3715 vulnerability. Since the TMP \nfeature was originally implemented, GraphicsMagick added a temporary file\nmanagement subsystem which assures that temporary files are removed so this\nfeature is not needed.\n\nRemove support for reading input from a shell command, or writing output\nto a shell command, by prefixing the specified filename (containing the\ncommand) for fixing the\nCVE-2016-5118 vulnerability.\n\nCVE-2015-8808 \nGustavo Grieco discovered an out of bound read in the parsing of GIF\nfiles which may cause denial of service.\n\nCVE-2016-2317 \nGustavo Grieco discovered a stack buffer overflow and two heap buffer\noverflows while processing SVG images which may cause denial of service.\n\nCVE-2016-2318 \nGustavo Grieco discovered several segmentation faults while processing\nSVG images which may cause denial of service.\n\nCVE-2016-5240 \nGustavo Grieco discovered an endless loop problem caused by negative\nstroke-dasharray arguments while parsing SVG files which may cause\ndenial of service.\n\nCVE-2016-7800 \nMarco Grassi discovered an unsigned underflow leading to heap overflow\nwhen parsing 8BIM chunk often attached to JPG files which may cause\ndenial of service.\n\nCVE-2016-7996 \nMoshe Kaplan discovered that there is no check that the provided\ncolormap is not larger than 256 entries in the WPG reader which may\ncause denial of service.\n\nCVE-2016-7997 \nMoshe Kaplan discovered that an assertion is thrown for some files in\nthe WPG reader due to a logic error which may cause denial of service.\n\nCVE-2016-8682 \nAgostino Sarubbo of Gentoo discovered a stack buffer read overflow\nwhile reading the SCT header which may cause denial of service.\n\nCVE-2016-8683 \nAgostino Sarubbo of Gentoo discovered a memory allocation failure in the\nPCX coder which may cause denial of service.\n\nCVE-2016-8684 \nAgostino Sarubbo of Gentoo discovered a memory allocation failure in the\nSGI coder which may cause denial of service.\n\nCVE-2016-9830 \nAgostino Sarubbo of Gentoo discovered a memory allocation failure in\nMagickRealloc() function which may cause denial of service.", "cvss3": {}, "published": "2016-12-24T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 3746-1 (graphicsmagick - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-3715", "CVE-2016-8683", "CVE-2016-2317", "CVE-2016-7997", "CVE-2016-7996", "CVE-2016-3714", "CVE-2016-9830", "CVE-2016-8684", "CVE-2015-8808", "CVE-2016-7800", "CVE-2016-5240", "CVE-2016-2318", "CVE-2016-8682", "CVE-2016-5118"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:703746", "href": "http://plugins.openvas.org/nasl.php?oid=703746", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3746.nasl 6608 2017-07-07 12:05:05Z cfischer $\n# Auto-generated from advisory DSA 3746-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\n\nif(description)\n{\n script_id(703746);\n script_version(\"$Revision: 6608 $\");\n script_cve_id(\"CVE-2015-8808\", \"CVE-2016-2317\", \"CVE-2016-2318\", \"CVE-2016-3714\",\n \"CVE-2016-3715\", \"CVE-2016-5118\", \"CVE-2016-5240\", \"CVE-2016-7800\",\n \"CVE-2016-7996\", \"CVE-2016-7997\", \"CVE-2016-8682\", \"CVE-2016-8683\",\n \"CVE-2016-8684\", \"CVE-2016-9830\");\n script_name(\"Debian Security Advisory DSA 3746-1 (graphicsmagick - security update)\");\n script_tag(name: \"last_modification\", value: \"$Date: 2017-07-07 14:05:05 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name: \"creation_date\", value: \"2016-12-24 00:00:00 +0100 (Sat, 24 Dec 2016)\");\n script_tag(name: \"cvss_base\", value: \"10.0\");\n script_tag(name: \"cvss_base_vector\", value: \"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name: \"solution_type\", value: \"VendorFix\");\n script_tag(name: \"qod_type\", value: \"package\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2016/dsa-3746.html\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: \"graphicsmagick on Debian Linux\");\n script_tag(name: \"insight\", value: \"GraphicsMagick provides a set of\ncommand-line applications to manipulate image files. It is a fork of the\nImageMagick project and therefore offers a similar set of features, but puts\na larger emphasis on stability.\");\n script_tag(name: \"solution\", value: \"For the stable distribution (jessie), these problems have been fixed in version 1.3.20-3+deb8u2. For the testing distribution (stretch), these problems (with the exception of CVE-2016-9830 ) have been fixed in version 1.3.25-5.\nFor the unstable distribution (sid), these problems have been fixed in version 1.3.25-6.\nWe recommend that you upgrade your graphicsmagick packages.\");\n\n script_tag(name: \"summary\", value: \"Several vulnerabilities have been discovered in GraphicsMagick, a collection of image processing tool, which can\ncause denial of service attacks, remote file deletion, and remote command execution.\n\nThis security update removes the full support of PLT/Gnuplot decoder to\nprevent Gnuplot-shell based shell exploits for fixing the\nCVE-2016-3714 vulnerability.\n\nThe undocumented TMP magick prefix no longer removes the argument file\nafter it has been read for fixing the CVE-2016-3715 vulnerability. Since the TMP \nfeature was originally implemented, GraphicsMagick added a temporary file\nmanagement subsystem which assures that temporary files are removed so this\nfeature is not needed.\n\nRemove support for reading input from a shell command, or writing output\nto a shell command, by prefixing the specified filename (containing the\ncommand) for fixing the\nCVE-2016-5118 vulnerability.\n\nCVE-2015-8808 \nGustavo Grieco discovered an out of bound read in the parsing of GIF\nfiles which may cause denial of service.\n\nCVE-2016-2317 \nGustavo Grieco discovered a stack buffer overflow and two heap buffer\noverflows while processing SVG images which may cause denial of service.\n\nCVE-2016-2318 \nGustavo Grieco discovered several segmentation faults while processing\nSVG images which may cause denial of service.\n\nCVE-2016-5240 \nGustavo Grieco discovered an endless loop problem caused by negative\nstroke-dasharray arguments while parsing SVG files which may cause\ndenial of service.\n\nCVE-2016-7800 \nMarco Grassi discovered an unsigned underflow leading to heap overflow\nwhen parsing 8BIM chunk often attached to JPG files which may cause\ndenial of service.\n\nCVE-2016-7996 \nMoshe Kaplan discovered that there is no check that the provided\ncolormap is not larger than 256 entries in the WPG reader which may\ncause denial of service.\n\nCVE-2016-7997 \nMoshe Kaplan discovered that an assertion is thrown for some files in\nthe WPG reader due to a logic error which may cause denial of service.\n\nCVE-2016-8682 \nAgostino Sarubbo of Gentoo discovered a stack buffer read overflow\nwhile reading the SCT header which may cause denial of service.\n\nCVE-2016-8683 \nAgostino Sarubbo of Gentoo discovered a memory allocation failure in the\nPCX coder which may cause denial of service.\n\nCVE-2016-8684 \nAgostino Sarubbo of Gentoo discovered a memory allocation failure in the\nSGI coder which may cause denial of service.\n\nCVE-2016-9830 \nAgostino Sarubbo of Gentoo discovered a memory allocation failure in\nMagickRealloc() function which may cause denial of service.\");\n script_tag(name: \"vuldetect\", value: \"This check tests the installed\nsoftware version using the apt package manager.\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"graphicsmagick\", ver:\"1.3.20-3+deb8u2\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"graphicsmagick-dbg\", ver:\"1.3.20-3+deb8u2\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"graphicsmagick-imagemagick-compat\", ver:\"1.3.20-3+deb8u2\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"graphicsmagick-libmagick-dev-compat\", ver:\"1.3.20-3+deb8u2\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libgraphics-magick-perl\", ver:\"1.3.20-3+deb8u2\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libgraphicsmagick++1-dev\", ver:\"1.3.20-3+deb8u2\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libgraphicsmagick++3\", ver:\"1.3.20-3+deb8u2\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libgraphicsmagick1-dev\", ver:\"1.3.20-3+deb8u2\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libgraphicsmagick3\", ver:\"1.3.20-3+deb8u2\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:34:58", "description": "Several vulnerabilities have been discovered in GraphicsMagick, a collection of image processing tool, which can\ncause denial of service attacks, remote file deletion, and remote command execution.\n\nThis security update removes the full support of PLT/Gnuplot decoder to\nprevent Gnuplot-shell based shell exploits for fixing the\nCVE-2016-3714 vulnerability.\n\nThe undocumented TMP magick prefix no longer removes the argument file\nafter it has been read for fixing the CVE-2016-3715 vulnerability. Since the TMP\nfeature was originally implemented, GraphicsMagick added a temporary file\nmanagement subsystem which assures that temporary files are removed so this\nfeature is not needed.\n\nRemove support for reading input from a shell command, or writing output\nto a shell command, by prefixing the specified filename (containing the\ncommand) for fixing the\nCVE-2016-5118 vulnerability.\n\nCVE-2015-8808\nGustavo Grieco discovered an out of bound read in the parsing of GIF\nfiles which may cause denial of service.\n\nCVE-2016-2317\nGustavo Grieco discovered a stack buffer overflow and two heap buffer\noverflows while processing SVG images which may cause denial of service.\n\nCVE-2016-2318\nGustavo Grieco discovered several segmentation faults while processing\nSVG images which may cause denial of service.\n\nCVE-2016-5240\nGustavo Grieco discovered an endless loop problem caused by negative\nstroke-dasharray arguments while parsing SVG files which may cause\ndenial of service.\n\nCVE-2016-7800\nMarco Grassi discovered an unsigned underflow leading to heap overflow\nwhen parsing 8BIM chunk often attached to JPG files which may cause\ndenial of service.\n\nCVE-2016-7996\nMoshe Kaplan discovered that there is no check that the provided\ncolormap is not larger than 256 entries in the WPG reader which may\ncause denial of service.\n\nCVE-2016-7997\nMoshe Kaplan discovered that an assertion is thrown for some files in\nthe WPG reader due to a logic error which may cause denial of service.\n\nCVE-2016-8682\nAgostino Sarubbo of Gentoo discovered a stack buffer read overflow\nwhile reading the SCT header which may cause denial of service.\n\nCVE-2016-8683\nAgostino Sarubbo of Gentoo discovered a memory allocation failure in the\nPCX coder which may cause denial of service.\n\nCVE-2016-8684\nAgostino Sarubbo of Gentoo discovered a memory allocation failure in the\nSGI coder which may cause denial of service.\n\nCVE-2016-9830\nAgostino Sarubbo of Gentoo discovered a memory allocation failure in\nMagickRealloc() function which may cause denial of service.", "cvss3": {}, "published": "2016-12-24T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 3746-1 (graphicsmagick - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-3715", "CVE-2016-8683", "CVE-2016-2317", "CVE-2016-7997", "CVE-2016-7996", "CVE-2016-3714", "CVE-2016-9830", "CVE-2016-8684", "CVE-2015-8808", "CVE-2016-7800", "CVE-2016-5240", "CVE-2016-2318", "CVE-2016-8682", "CVE-2016-5118"], "modified": "2019-03-18T00:00:00", "id": "OPENVAS:1361412562310703746", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310703746", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3746.nasl 14279 2019-03-18 14:48:34Z cfischer $\n# Auto-generated from advisory DSA 3746-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.703746\");\n script_version(\"$Revision: 14279 $\");\n script_cve_id(\"CVE-2015-8808\", \"CVE-2016-2317\", \"CVE-2016-2318\", \"CVE-2016-3714\",\n \"CVE-2016-3715\", \"CVE-2016-5118\", \"CVE-2016-5240\", \"CVE-2016-7800\",\n \"CVE-2016-7996\", \"CVE-2016-7997\", \"CVE-2016-8682\", \"CVE-2016-8683\",\n \"CVE-2016-8684\", \"CVE-2016-9830\");\n script_name(\"Debian Security Advisory DSA 3746-1 (graphicsmagick - security update)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:48:34 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-12-24 00:00:00 +0100 (Sat, 24 Dec 2016)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"http://www.debian.org/security/2016/dsa-3746.html\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB8\");\n script_tag(name:\"affected\", value:\"graphicsmagick on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the stable distribution (jessie), these problems have been fixed in version 1.3.20-3+deb8u2. For the testing distribution (stretch), these problems (with the exception of CVE-2016-9830 ) have been fixed in version 1.3.25-5.\nFor the unstable distribution (sid), these problems have been fixed in version 1.3.25-6.\nWe recommend that you upgrade your graphicsmagick packages.\");\n\n script_tag(name:\"summary\", value:\"Several vulnerabilities have been discovered in GraphicsMagick, a collection of image processing tool, which can\ncause denial of service attacks, remote file deletion, and remote command execution.\n\nThis security update removes the full support of PLT/Gnuplot decoder to\nprevent Gnuplot-shell based shell exploits for fixing the\nCVE-2016-3714 vulnerability.\n\nThe undocumented TMP magick prefix no longer removes the argument file\nafter it has been read for fixing the CVE-2016-3715 vulnerability. Since the TMP\nfeature was originally implemented, GraphicsMagick added a temporary file\nmanagement subsystem which assures that temporary files are removed so this\nfeature is not needed.\n\nRemove support for reading input from a shell command, or writing output\nto a shell command, by prefixing the specified filename (containing the\ncommand) for fixing the\nCVE-2016-5118 vulnerability.\n\nCVE-2015-8808\nGustavo Grieco discovered an out of bound read in the parsing of GIF\nfiles which may cause denial of service.\n\nCVE-2016-2317\nGustavo Grieco discovered a stack buffer overflow and two heap buffer\noverflows while processing SVG images which may cause denial of service.\n\nCVE-2016-2318\nGustavo Grieco discovered several segmentation faults while processing\nSVG images which may cause denial of service.\n\nCVE-2016-5240\nGustavo Grieco discovered an endless loop problem caused by negative\nstroke-dasharray arguments while parsing SVG files which may cause\ndenial of service.\n\nCVE-2016-7800\nMarco Grassi discovered an unsigned underflow leading to heap overflow\nwhen parsing 8BIM chunk often attached to JPG files which may cause\ndenial of service.\n\nCVE-2016-7996\nMoshe Kaplan discovered that there is no check that the provided\ncolormap is not larger than 256 entries in the WPG reader which may\ncause denial of service.\n\nCVE-2016-7997\nMoshe Kaplan discovered that an assertion is thrown for some files in\nthe WPG reader due to a logic error which may cause denial of service.\n\nCVE-2016-8682\nAgostino Sarubbo of Gentoo discovered a stack buffer read overflow\nwhile reading the SCT header which may cause denial of service.\n\nCVE-2016-8683\nAgostino Sarubbo of Gentoo discovered a memory allocation failure in the\nPCX coder which may cause denial of service.\n\nCVE-2016-8684\nAgostino Sarubbo of Gentoo discovered a memory allocation failure in the\nSGI coder which may cause denial of service.\n\nCVE-2016-9830\nAgostino Sarubbo of Gentoo discovered a memory allocation failure in\nMagickRealloc() function which may cause denial of service.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed\nsoftware version using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"graphicsmagick\", ver:\"1.3.20-3+deb8u2\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"graphicsmagick-dbg\", ver:\"1.3.20-3+deb8u2\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"graphicsmagick-imagemagick-compat\", ver:\"1.3.20-3+deb8u2\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"graphicsmagick-libmagick-dev-compat\", ver:\"1.3.20-3+deb8u2\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libgraphics-magick-perl\", ver:\"1.3.20-3+deb8u2\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libgraphicsmagick++1-dev\", ver:\"1.3.20-3+deb8u2\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libgraphicsmagick++3\", ver:\"1.3.20-3+deb8u2\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libgraphicsmagick1-dev\", ver:\"1.3.20-3+deb8u2\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libgraphicsmagick3\", ver:\"1.3.20-3+deb8u2\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-31T18:27:46", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2017-02-22T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for GraphicsMagick (openSUSE-SU-2016:3060-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-9809", "CVE-2016-7529", "CVE-2014-9831", "CVE-2016-8683", "CVE-2014-9853", "CVE-2014-9807", "CVE-2016-7533", "CVE-2014-9817", "CVE-2014-9845", "CVE-2014-9834", "CVE-2016-7997", "CVE-2016-7996", "CVE-2016-7531", "CVE-2016-7515", "CVE-2016-6823", "CVE-2014-9820", "CVE-2016-9556", "CVE-2014-9837", "CVE-2014-9815", "CVE-2016-7528", "CVE-2014-9835", "CVE-2016-8862", "CVE-2014-9805", "CVE-2016-7522", "CVE-2016-8684", "CVE-2014-9846", "CVE-2016-7537", "CVE-2016-7800", "CVE-2016-7101", "CVE-2016-8682", "CVE-2016-5118"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310851511", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310851511", "sourceData": "# Copyright (C) 2017 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.851511\");\n script_version(\"2020-01-31T08:23:39+0000\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:23:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2017-02-22 15:17:51 +0100 (Wed, 22 Feb 2017)\");\n script_cve_id(\"CVE-2014-9805\", \"CVE-2014-9807\", \"CVE-2014-9809\", \"CVE-2014-9815\",\n \"CVE-2014-9817\", \"CVE-2014-9820\", \"CVE-2014-9831\", \"CVE-2014-9834\",\n \"CVE-2014-9835\", \"CVE-2014-9837\", \"CVE-2014-9845\", \"CVE-2014-9846\",\n \"CVE-2014-9853\", \"CVE-2016-5118\", \"CVE-2016-6823\", \"CVE-2016-7101\",\n \"CVE-2016-7515\", \"CVE-2016-7522\", \"CVE-2016-7528\", \"CVE-2016-7529\",\n \"CVE-2016-7531\", \"CVE-2016-7533\", \"CVE-2016-7537\", \"CVE-2016-7800\",\n \"CVE-2016-7996\", \"CVE-2016-7997\", \"CVE-2016-8682\", \"CVE-2016-8683\",\n \"CVE-2016-8684\", \"CVE-2016-8862\", \"CVE-2016-9556\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"openSUSE: Security Advisory for GraphicsMagick (openSUSE-SU-2016:3060-1)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'GraphicsMagick'\n package(s) announced via the referenced advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for GraphicsMagick fixes the following issues:\n\n - a possible shell execution attack was fixed. if the first character of\n an input filename for 'convert' was a 'pipe' char then the remainder of the\n filename was passed to the shell (CVE-2016-5118, boo#982178)\n\n - Maliciously crafted pnm files could crash GraphicsMagick (CVE-2014-9805,\n [boo#983752])\n\n - Prevent overflow in rle files (CVE-2014-9846, boo#983521)\n\n - Fix a double free in pdb coder (CVE-2014-9807, boo#983794)\n\n - Fix a possible crash due to corrupted xwd images (CVE-2014-9809,\n boo#983799)\n\n - Fix a possible crash due to corrupted wpg images (CVE-2014-9815,\n boo#984372)\n\n - Fix a heap buffer overflow in pdb file handling (CVE-2014-9817,\n boo#984400)\n\n - Fix a heap overflow in xpm files (CVE-2014-9820, boo#984150)\n\n - Fix a heap overflow in pict files (CVE-2014-9834, boo#984436)\n\n - Fix a heap overflow in wpf files (CVE-2014-9835, CVE-2014-9831,\n boo#984145, boo#984375)\n\n - Additional PNM sanity checks (CVE-2014-9837, boo#984166)\n\n - Fix a possible crash due to corrupted dib file (CVE-2014-9845,\n boo#984394)\n\n - Fix out of bound in quantum handling (CVE-2016-7529, boo#1000399)\n\n - Fix out of bound access in xcf file coder (CVE-2016-7528, boo#1000434)\n\n - Fix handling of corrupted lle files (CVE-2016-7515, boo#1000689)\n\n - Fix out of bound access for malformed psd file (CVE-2016-7522,\n boo#1000698)\n\n - Fix out of bound access for pbd files (CVE-2016-7531, boo#1000704)\n\n - Fix out of bound access in corrupted wpg files (CVE-2016-7533,\n boo#1000707)\n\n - Fix out of bound access in corrupted pdb files (CVE-2016-7537,\n boo#1000711)\n\n - BMP Coder Out-Of-Bounds Write Vulnerability (CVE-2016-6823, boo#1001066)\n\n - SGI Coder Out-Of-Bounds Read Vulnerability (CVE-2016-7101, boo#1001221)\n\n - Divide by zero in WriteTIFFImage (do not divide by zero in\n WriteTIFFImage, boo#1002206)\n\n - Buffer overflows in SIXEL, PDB, MAP, and TIFF coders (fix buffer\n overflow, boo#1002209)\n\n - 8BIM/8BIMW unsigned underflow leads to heap overflow (CVE-2016-7800,\n boo#1002422)\n\n - wpg reader issues (CVE-2016-7996, CVE-2016-7997, boo#1003629)\n\n - Mismatch between real filesize and header values (CVE-2016-8684,\n boo#1005123)\n\n - Stack-buffer read overflow while reading SCT header (CVE-2016-8682,\n boo#1005125)\n\n - Check that filesize is reasonable compared to the header value\n (CVE-2016-8683, boo#1005127)\n\n - Memory allocation failure in AcquireMagickMemory (CVE-2016-8862,\n boo#1007245)\n\n - heap-based buffer overflow in IsPixelGray (CVE-2016-9556, boo#1011130)\");\n\n script_tag(name:\"affected\", value:\"GraphicsMagick on openSUSE Leap 42.2\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2016:3060-1\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap42\\.2\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap42.2\") {\n if(!isnull(res = isrpmvuln(pkg:\"GraphicsMagick\", rpm:\"GraphicsMagick~1.3.25~3.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"GraphicsMagick-debuginfo\", rpm:\"GraphicsMagick-debuginfo~1.3.25~3.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"GraphicsMagick-debugsource\", rpm:\"GraphicsMagick-debugsource~1.3.25~3.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"GraphicsMagick-devel\", rpm:\"GraphicsMagick-devel~1.3.25~3.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libGraphicsMagick++-Q16-12\", rpm:\"libGraphicsMagick++-Q16-12~1.3.25~3.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libGraphicsMagick++-Q16-12-debuginfo\", rpm:\"libGraphicsMagick++-Q16-12-debuginfo~1.3.25~3.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libGraphicsMagick++-devel\", rpm:\"libGraphicsMagick++-devel~1.3.25~3.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libGraphicsMagick-Q16-3\", rpm:\"libGraphicsMagick-Q16-3~1.3.25~3.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libGraphicsMagick-Q16-3-debuginfo\", rpm:\"libGraphicsMagick-Q16-3-debuginfo~1.3.25~3.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libGraphicsMagick3-config\", rpm:\"libGraphicsMagick3-config~1.3.25~3.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libGraphicsMagickWand-Q16-2\", rpm:\"libGraphicsMagickWand-Q16-2~1.3.25~3.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libGraphicsMagickWand-Q16-2-debuginfo\", rpm:\"libGraphicsMagickWand-Q16-2-debuginfo~1.3.25~3.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"perl-GraphicsMagick\", rpm:\"perl-GraphicsMagick~1.3.25~3.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"perl-GraphicsMagick-debuginfo\", rpm:\"perl-GraphicsMagick-debuginfo~1.3.25~3.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "fedora": [{"lastseen": "2021-06-08T18:38:50", "description": "GraphicsMagick is a comprehensive image processing package which is initial ly based on ImageMagick 5.5.2, but which has undergone significant re-work by the GraphicsMagick Group to significantly improve the quality and performan ce of the software. ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-03-09T13:24:51", "type": "fedora", "title": "[SECURITY] Fedora 25 Update: GraphicsMagick-1.3.25-6.fc25", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-7800", "CVE-2016-7996", "CVE-2016-7997", "CVE-2016-8682", "CVE-2016-8683", "CVE-2016-8684"], "modified": "2017-03-09T13:24:51", "id": "FEDORA:EDE9A63AA70C", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/2DLPLLMLNBNAT7YWOSVGDII4AM3IADJP/", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-06-08T18:38:50", "description": "GraphicsMagick is a comprehensive image processing package which is initial ly based on ImageMagick 5.5.2, but which has undergone significant re-work by the GraphicsMagick Group to significantly improve the quality and performan ce of the software. ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-03-11T11:52:39", "type": "fedora", "title": "[SECURITY] Fedora 24 Update: GraphicsMagick-1.3.25-6.fc24", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-7800", "CVE-2016-7996", "CVE-2016-7997", "CVE-2016-8682", "CVE-2016-8683", "CVE-2016-8684"], "modified": "2017-03-11T11:52:39", "id": "FEDORA:03F756157A10", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/JHZLLNOYXORASQYEB6VZ6V2FL4FGNKTD/", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "nessus": [{"lastseen": "2023-02-06T14:37:27", "description": "Backport fixes for multiple security vulnerabilities.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-03-10T00:00:00", "type": "nessus", "title": "Fedora 25 : GraphicsMagick (2017-c71a0f40f0)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-7800", "CVE-2016-7996", "CVE-2016-8682", "CVE-2017-6335"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:GraphicsMagick", "cpe:/o:fedoraproject:fedora:25"], "id": "FEDORA_2017-C71A0F40F0.NASL", "href": "https://www.tenable.com/plugins/nessus/97649", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2017-c71a0f40f0.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(97649);\n script_version(\"3.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2016-7800\", \"CVE-2016-7996\", \"CVE-2016-8682\", \"CVE-2017-6335\");\n script_xref(name:\"FEDORA\", value:\"2017-c71a0f40f0\");\n\n script_name(english:\"Fedora 25 : GraphicsMagick (2017-c71a0f40f0)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Backport fixes for multiple security vulnerabilities.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2017-c71a0f40f0\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected GraphicsMagick package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:GraphicsMagick\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:25\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/01/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/03/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/03/10\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^25([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 25\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC25\", reference:\"GraphicsMagick-1.3.25-6.fc25\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"GraphicsMagick\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-06T14:37:53", "description": "Backport fixes for multiple security vulnerabilities.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-03-13T00:00:00", "type": "nessus", "title": "Fedora 24 : GraphicsMagick (2017-d2bab54ac9)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-7800", "CVE-2016-7996", "CVE-2016-8682", "CVE-2017-6335"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:GraphicsMagick", "cpe:/o:fedoraproject:fedora:24"], "id": "FEDORA_2017-D2BAB54AC9.NASL", "href": "https://www.tenable.com/plugins/nessus/97684", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2017-d2bab54ac9.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(97684);\n script_version(\"3.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2016-7800\", \"CVE-2016-7996\", \"CVE-2016-8682\", \"CVE-2017-6335\");\n script_xref(name:\"FEDORA\", value:\"2017-d2bab54ac9\");\n\n script_name(english:\"Fedora 24 : GraphicsMagick (2017-d2bab54ac9)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Backport fixes for multiple security vulnerabilities.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2017-d2bab54ac9\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected GraphicsMagick package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:GraphicsMagick\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:24\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/01/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/03/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/03/13\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^24([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 24\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC24\", reference:\"GraphicsMagick-1.3.25-6.fc24\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"GraphicsMagick\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-06T14:38:48", "description": "The QuantumTransferMode function in coders/tiff.c in GraphicsMagick 1.3.25 and earlier allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a small samples per pixel value in a CMYKA TIFF file.(CVE-2017-6335)\n\nThe WPG format reader in GraphicsMagick 1.3.25 and earlier allows remote attackers to cause a denial of service (assertion failure and crash) via vectors related to a ReferenceBlob and a NULL pointer.(CVE-2016-7997)\n\nHeap-based buffer overflow in the WPG format reader in GraphicsMagick 1.3.25 and earlier allows remote attackers to have unspecified impact via a colormap with a large number of entries. (CVE-2016-7996 )\n\nThe MagickMalloc function in magick/memory.c in GraphicsMagick 1.3.25 allows remote attackers to have unspecified impact via a crafted image, which triggers a memory allocation failure and a 'file truncation error for corrupt file.' (CVE-2016-8684)\n\nThe ReadSCTImage function in coders/sct.c in GraphicsMagick 1.3.25 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted SCT header. (CVE-2016-8682)\n\nThe ReadPCXImage function in coders/pcx.c in GraphicsMagick 1.3.25 allows remote attackers to have unspecified impact via a crafted image, which triggers a memory allocation failure and a 'file truncation error for corrupt file.' (CVE-2016-8683)\n\nThe MagickRealloc function in memory.c in Graphicsmagick 1.3.25 allows remote attackers to cause a denial of service (crash) via large dimensions in a jpeg image. (CVE-2016-9830)\n\nInteger underflow in the parse8BIM function in coders/meta.c in GraphicsMagick 1.3.25 and earlier allows remote attackers to cause a denial of service (application crash) via a crafted 8BIM chunk, which triggers a heap-based buffer overflow. (CVE-2016-7800 )", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-04-21T00:00:00", "type": "nessus", "title": "Amazon Linux AMI : GraphicsMagick (ALAS-2017-820)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-7800", "CVE-2016-7996", "CVE-2016-7997", "CVE-2016-8682", "CVE-2016-8683", "CVE-2016-8684", "CVE-2016-9830", "CVE-2017-6335"], "modified": "2018-04-18T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:GraphicsMagick", "p-cpe:/a:amazon:linux:graphicsmagick-c%2b%2b", "p-cpe:/a:amazon:linux:graphicsmagick-c%2b%2b-devel", "p-cpe:/a:amazon:linux:GraphicsMagick-debuginfo", "p-cpe:/a:amazon:linux:GraphicsMagick-devel", "p-cpe:/a:amazon:linux:GraphicsMagick-doc", "p-cpe:/a:amazon:linux:GraphicsMagick-perl", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2017-820.NASL", "href": "https://www.tenable.com/plugins/nessus/99533", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2017-820.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(99533);\n script_version(\"3.2\");\n script_cvs_date(\"Date: 2018/04/18 15:09:36\");\n\n script_cve_id(\"CVE-2016-7800\", \"CVE-2016-7996\", \"CVE-2016-7997\", \"CVE-2016-8682\", \"CVE-2016-8683\", \"CVE-2016-8684\", \"CVE-2016-9830\", \"CVE-2017-6335\");\n script_xref(name:\"ALAS\", value:\"2017-820\");\n\n script_name(english:\"Amazon Linux AMI : GraphicsMagick (ALAS-2017-820)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The QuantumTransferMode function in coders/tiff.c in GraphicsMagick\n1.3.25 and earlier allows remote attackers to cause a denial of\nservice (out-of-bounds read and application crash) via a small samples\nper pixel value in a CMYKA TIFF file.(CVE-2017-6335)\n\nThe WPG format reader in GraphicsMagick 1.3.25 and earlier allows\nremote attackers to cause a denial of service (assertion failure and\ncrash) via vectors related to a ReferenceBlob and a NULL\npointer.(CVE-2016-7997)\n\nHeap-based buffer overflow in the WPG format reader in GraphicsMagick\n1.3.25 and earlier allows remote attackers to have unspecified impact\nvia a colormap with a large number of entries. (CVE-2016-7996 )\n\nThe MagickMalloc function in magick/memory.c in GraphicsMagick 1.3.25\nallows remote attackers to have unspecified impact via a crafted\nimage, which triggers a memory allocation failure and a 'file\ntruncation error for corrupt file.' (CVE-2016-8684)\n\nThe ReadSCTImage function in coders/sct.c in GraphicsMagick 1.3.25\nallows remote attackers to cause a denial of service (out-of-bounds\nread) via a crafted SCT header. (CVE-2016-8682)\n\nThe ReadPCXImage function in coders/pcx.c in GraphicsMagick 1.3.25\nallows remote attackers to have unspecified impact via a crafted\nimage, which triggers a memory allocation failure and a 'file\ntruncation error for corrupt file.' (CVE-2016-8683)\n\nThe MagickRealloc function in memory.c in Graphicsmagick 1.3.25 allows\nremote attackers to cause a denial of service (crash) via large\ndimensions in a jpeg image. (CVE-2016-9830)\n\nInteger underflow in the parse8BIM function in coders/meta.c in\nGraphicsMagick 1.3.25 and earlier allows remote attackers to cause a\ndenial of service (application crash) via a crafted 8BIM chunk, which\ntriggers a heap-based buffer overflow. (CVE-2016-7800 )\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2017-820.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update GraphicsMagick' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:GraphicsMagick\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:GraphicsMagick-c++\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:GraphicsMagick-c++-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:GraphicsMagick-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:GraphicsMagick-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:GraphicsMagick-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:GraphicsMagick-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/04/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/04/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"GraphicsMagick-1.3.25-6.10.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"GraphicsMagick-c++-1.3.25-6.10.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"GraphicsMagick-c++-devel-1.3.25-6.10.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"GraphicsMagick-debuginfo-1.3.25-6.10.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"GraphicsMagick-devel-1.3.25-6.10.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"GraphicsMagick-doc-1.3.25-6.10.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"GraphicsMagick-perl-1.3.25-6.10.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"GraphicsMagick / GraphicsMagick-c++ / GraphicsMagick-c++-devel / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-06T14:24:45", "description": "GraphicsMagick reports :\n\nMultiple vulnerabilities have been found in GraphicsMagick 1.3.26 or earlier. Please refer to the CVE list for details.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-06-21T00:00:00", "type": "nessus", "title": "FreeBSD : GraphicsMagick -- multiple vulnerabilities (25f73c47-68a8-4a30-9cbc-1ca5eea4d6ba)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-7800", "CVE-2016-7996", "CVE-2016-7997", "CVE-2016-9830", "CVE-2017-10794", "CVE-2017-10799", "CVE-2017-10800", "CVE-2017-6335", "CVE-2017-8350"], "modified": "2018-11-10T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:GraphicsMagick", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_25F73C4768A84A309CBC1CA5EEA4D6BA.NASL", "href": "https://www.tenable.com/plugins/nessus/110628", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(110628);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2018/11/10 11:49:46\");\n\n script_cve_id(\"CVE-2016-7800\", \"CVE-2016-7996\", \"CVE-2016-7997\", \"CVE-2016-9830\", \"CVE-2017-10794\", \"CVE-2017-10799\", \"CVE-2017-10800\", \"CVE-2017-6335\", \"CVE-2017-8350\");\n\n script_name(english:\"FreeBSD : GraphicsMagick -- multiple vulnerabilities (25f73c47-68a8-4a30-9cbc-1ca5eea4d6ba)\");\n script_summary(english:\"Checks for updated package in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote FreeBSD host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"GraphicsMagick reports :\n\nMultiple vulnerabilities have been found in GraphicsMagick 1.3.26 or\nearlier. Please refer to the CVE list for details.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.graphicsmagick.org/NEWS.html\"\n );\n # https://vuxml.freebsd.org/freebsd/25f73c47-68a8-4a30-9cbc-1ca5eea4d6ba.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?029ff082\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:GraphicsMagick\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/07/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/06/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/06/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"GraphicsMagick<1.3.26,1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:39:43", "description": "Several vulnerabilities have been found in the graphicsmagick package that may lead to denial of service through failed assertions, CPU or memory usage. Some vulnerabilities may also lead to code execution but no exploit is currently known.\n\nCVE-2016-7448\n\nUtah RLE: Reject truncated/absurd files which caused huge memory allocations and/or consumed huge CPU \n\nCVE-2016-7996\n\nmissing check that the provided colormap is not larger than 256 entries resulting in potential heap overflow\n\nCVE-2016-7997\n\ndenial of service via a crash due to an assertion\n\nCVE-2016-8682\n\nstack-based buffer overflow in ReadSCTImage (sct.c)\n\nCVE-2016-8683\n\nmemory allocation failure in ReadPCXImage (pcx.c)\n\nCVE-2016-8684\n\nmemory allocation failure in MagickMalloc (memory.c)\n\nFor Debian 7 'Wheezy', these problems have been fixed in version 1.3.16-1.1+deb7u5.\n\nWe recommend that you upgrade your graphicsmagick packages.\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2016-10-27T00:00:00", "type": "nessus", "title": "Debian DLA-683-1 : graphicsmagick security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-7448", "CVE-2016-7996", "CVE-2016-7997", "CVE-2016-8682", "CVE-2016-8683", "CVE-2016-8684"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:graphicsmagick", "p-cpe:/a:debian:debian_linux:graphicsmagick-dbg", "p-cpe:/a:debian:debian_linux:graphicsmagick-imagemagick-compat", "p-cpe:/a:debian:debian_linux:graphicsmagick-libmagick-dev-compat", "p-cpe:/a:debian:debian_linux:libgraphics-magick-perl", "p-cpe:/a:debian:debian_linux:libgraphicsmagick%2b%2b1-dev", "p-cpe:/a:debian:debian_linux:libgraphicsmagick%2b%2b3", "p-cpe:/a:debian:debian_linux:libgraphicsmagick1-dev", "p-cpe:/a:debian:debian_linux:libgraphicsmagick3", "cpe:/o:debian:debian_linux:7.0"], "id": "DEBIAN_DLA-683.NASL", "href": "https://www.tenable.com/plugins/nessus/94297", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-683-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(94297);\n script_version(\"2.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2016-7448\", \"CVE-2016-7996\", \"CVE-2016-7997\", \"CVE-2016-8682\", \"CVE-2016-8683\", \"CVE-2016-8684\");\n\n script_name(english:\"Debian DLA-683-1 : graphicsmagick security update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities have been found in the graphicsmagick package\nthat may lead to denial of service through failed assertions, CPU or\nmemory usage. Some vulnerabilities may also lead to code execution but\nno exploit is currently known.\n\nCVE-2016-7448\n\nUtah RLE: Reject truncated/absurd files which caused huge memory\nallocations and/or consumed huge CPU \n\nCVE-2016-7996\n\nmissing check that the provided colormap is not larger than 256\nentries resulting in potential heap overflow\n\nCVE-2016-7997\n\ndenial of service via a crash due to an assertion\n\nCVE-2016-8682\n\nstack-based buffer overflow in ReadSCTImage (sct.c)\n\nCVE-2016-8683\n\nmemory allocation failure in ReadPCXImage (pcx.c)\n\nCVE-2016-8684\n\nmemory allocation failure in MagickMalloc (memory.c)\n\nFor Debian 7 'Wheezy', these problems have been fixed in version\n1.3.16-1.1+deb7u5.\n\nWe recommend that you upgrade your graphicsmagick packages.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2016/10/msg00038.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/wheezy/graphicsmagick\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:graphicsmagick\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:graphicsmagick-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:graphicsmagick-imagemagick-compat\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:graphicsmagick-libmagick-dev-compat\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libgraphics-magick-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libgraphicsmagick++1-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libgraphicsmagick++3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libgraphicsmagick1-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libgraphicsmagick3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:7.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/10/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/10/27\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"7.0\", prefix:\"graphicsmagick\", reference:\"1.3.16-1.1+deb7u5\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"graphicsmagick-dbg\", reference:\"1.3.16-1.1+deb7u5\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"graphicsmagick-imagemagick-compat\", reference:\"1.3.16-1.1+deb7u5\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"graphicsmagick-libmagick-dev-compat\", reference:\"1.3.16-1.1+deb7u5\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libgraphics-magick-perl\", reference:\"1.3.16-1.1+deb7u5\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libgraphicsmagick++1-dev\", reference:\"1.3.16-1.1+deb7u5\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libgraphicsmagick++3\", reference:\"1.3.16-1.1+deb7u5\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libgraphicsmagick1-dev\", reference:\"1.3.16-1.1+deb7u5\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libgraphicsmagick3\", reference:\"1.3.16-1.1+deb7u5\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2022-04-12T16:12:04", "description": "Several vulnerabilities have been discovered in GraphicsMagick, a collection of image processing tool, which can cause denial of service attacks, remote file deletion, and remote command execution.\n\nThis security update removes the full support of PLT/Gnuplot decoder to prevent Gnuplot-shell based shell exploits for fixing the CVE-2016-3714 vulnerability.\n\nThe undocumented 'TMP' magick prefix no longer removes the argument file after it has been read for fixing the CVE-2016-3715 vulnerability. Since the 'TMP' feature was originally implemented, GraphicsMagick added a temporary file management subsystem which assures that temporary files are removed so this feature is not needed.\n\nRemove support for reading input from a shell command, or writing output to a shell command, by prefixing the specified filename (containing the command) with a '|' for fixing the CVE-2016-5118 vulnerability.\n\n - CVE-2015-8808 Gustavo Grieco discovered an out of bound read in the parsing of GIF files which may cause denial of service.\n\n - CVE-2016-2317 Gustavo Grieco discovered a stack-based buffer overflow and two heap buffer overflows while processing SVG images which may cause denial of service.\n\n - CVE-2016-2318 Gustavo Grieco discovered several segmentation faults while processing SVG images which may cause denial of service.\n\n - CVE-2016-5240 Gustavo Grieco discovered an endless loop problem caused by negative stroke-dasharray arguments while parsing SVG files which may cause denial of service.\n\n - CVE-2016-7800 Marco Grassi discovered an unsigned underflow leading to heap overflow when parsing 8BIM chunk often attached to JPG files which may cause denial of service.\n\n - CVE-2016-7996 Moshe Kaplan discovered that there is no check that the provided colormap is not larger than 256 entries in the WPG reader which may cause denial of service.\n\n - CVE-2016-7997 Moshe Kaplan discovered that an assertion is thrown for some files in the WPG reader due to a logic error which may cause denial of service.\n\n - CVE-2016-8682 Agostino Sarubbo of Gentoo discovered a stack buffer read overflow while reading the SCT header which may cause denial of service.\n\n - CVE-2016-8683 Agostino Sarubbo of Gentoo discovered a memory allocation failure in the PCX coder which may cause denial of service.\n\n - CVE-2016-8684 Agostino Sarubbo of Gentoo discovered a memory allocation failure in the SGI coder which may cause denial of service.\n\n - CVE-2016-9830 Agostino Sarubbo of Gentoo discovered a memory allocation failure in MagickRealloc() function which may cause denial of service.", "cvss3": {}, "published": "2016-12-27T00:00:00", "type": "nessus", "title": "Debian DSA-3746-1 : graphicsmagick - security update (ImageTragick)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-8808", "CVE-2016-2317", "CVE-2016-2318", "CVE-2016-3714", "CVE-2016-3715", "CVE-2016-5118", "CVE-2016-5240", "CVE-2016-7800", "CVE-2016-7996", "CVE-2016-7997", "CVE-2016-8682", "CVE-2016-8683", "CVE-2016-8684", "CVE-2016-9830"], "modified": "2021-11-30T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:graphicsmagick", "cpe:/o:debian:debian_linux:8.0"], "id": "DEBIAN_DSA-3746.NASL", "href": "https://www.tenable.com/plugins/nessus/96103", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-3746. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(96103);\n script_version(\"3.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/11/30\");\n\n script_cve_id(\"CVE-2015-8808\", \"CVE-2016-2317\", \"CVE-2016-2318\", \"CVE-2016-3714\", \"CVE-2016-3715\", \"CVE-2016-5118\", \"CVE-2016-5240\", \"CVE-2016-7800\", \"CVE-2016-7996\", \"CVE-2016-7997\", \"CVE-2016-8682\", \"CVE-2016-8683\", \"CVE-2016-8684\", \"CVE-2016-9830\");\n script_xref(name:\"DSA\", value:\"3746\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/05/03\");\n\n script_name(english:\"Debian DSA-3746-1 : graphicsmagick - security update (ImageTragick)\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities have been discovered in GraphicsMagick, a\ncollection of image processing tool, which can cause denial of service\nattacks, remote file deletion, and remote command execution.\n\nThis security update removes the full support of PLT/Gnuplot decoder\nto prevent Gnuplot-shell based shell exploits for fixing the\nCVE-2016-3714 vulnerability.\n\nThe undocumented 'TMP' magick prefix no longer removes the argument\nfile after it has been read for fixing the CVE-2016-3715\nvulnerability. Since the 'TMP' feature was originally implemented,\nGraphicsMagick added a temporary file management subsystem which\nassures that temporary files are removed so this feature is not\nneeded.\n\nRemove support for reading input from a shell command, or writing\noutput to a shell command, by prefixing the specified filename\n(containing the command) with a '|' for fixing the CVE-2016-5118\nvulnerability.\n\n - CVE-2015-8808\n Gustavo Grieco discovered an out of bound read in the\n parsing of GIF files which may cause denial of service.\n\n - CVE-2016-2317\n Gustavo Grieco discovered a stack-based buffer overflow\n and two heap buffer overflows while processing SVG\n images which may cause denial of service.\n\n - CVE-2016-2318\n Gustavo Grieco discovered several segmentation faults\n while processing SVG images which may cause denial of\n service.\n\n - CVE-2016-5240\n Gustavo Grieco discovered an endless loop problem caused\n by negative stroke-dasharray arguments while parsing SVG\n files which may cause denial of service.\n\n - CVE-2016-7800\n Marco Grassi discovered an unsigned underflow leading to\n heap overflow when parsing 8BIM chunk often attached to\n JPG files which may cause denial of service.\n\n - CVE-2016-7996\n Moshe Kaplan discovered that there is no check that the\n provided colormap is not larger than 256 entries in the\n WPG reader which may cause denial of service.\n\n - CVE-2016-7997\n Moshe Kaplan discovered that an assertion is thrown for\n some files in the WPG reader due to a logic error which\n may cause denial of service.\n\n - CVE-2016-8682\n Agostino Sarubbo of Gentoo discovered a stack buffer\n read overflow while reading the SCT header which may\n cause denial of service.\n\n - CVE-2016-8683\n Agostino Sarubbo of Gentoo discovered a memory\n allocation failure in the PCX coder which may cause\n denial of service.\n\n - CVE-2016-8684\n Agostino Sarubbo of Gentoo discovered a memory\n allocation failure in the SGI coder which may cause\n denial of service.\n\n - CVE-2016-9830\n Agostino Sarubbo of Gentoo discovered a memory\n allocation failure in MagickRealloc() function which may\n cause denial of service.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=814732\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=825800\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=847055\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-3714\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-3715\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-5118\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2015-8808\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-2317\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-2318\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-5240\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-7800\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-7996\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-7997\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-8682\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-8683\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-8684\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-9830\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-9830\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/jessie/graphicsmagick\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2016/dsa-3746\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the graphicsmagick packages.\n\nFor the stable distribution (jessie), these problems have been fixed\nin version 1.3.20-3+deb8u2.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:graphicsmagick\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/05/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/12/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/12/27\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"8.0\", prefix:\"graphicsmagick\", reference:\"1.3.20-3+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"graphicsmagick-dbg\", reference:\"1.3.20-3+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"graphicsmagick-imagemagick-compat\", reference:\"1.3.20-3+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"graphicsmagick-libmagick-dev-compat\", reference:\"1.3.20-3+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libgraphics-magick-perl\", reference:\"1.3.20-3+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libgraphicsmagick++1-dev\", reference:\"1.3.20-3+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libgraphicsmagick++3\", reference:\"1.3.20-3+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libgraphicsmagick1-dev\", reference:\"1.3.20-3+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libgraphicsmagick3\", reference:\"1.3.20-3+deb8u2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:39:51", "description": "Various security issues were found and fixed in graphicsmagick in Debian wheezy LTS.\n\nCVE-2016-7446\n\nHeap buffer overflow issue in MVG/SVG rendering.\n\nCVE-2016-7447\n\nHeap overflow of the EscapeParenthesis() function\n\nCVE-2016-7449\n\nTIFF related problems due to use of strlcpy use.\n\nCVE-2016-7800\n\nFix unsigned underflow leading to heap overflow when parsing 8BIM chunk.\n\nFor Debian 7 'Wheezy', these problems have been fixed in version 1.3.16-1.1+deb7u4.\n\nWe recommend that you upgrade your graphicsmagick packages.\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2016-10-12T00:00:00", "type": "nessus", "title": "Debian DLA-651-1 : graphicsmagick security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-7446", "CVE-2016-7447", "CVE-2016-7449", "CVE-2016-7800"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:graphicsmagick", "p-cpe:/a:debian:debian_linux:graphicsmagick-dbg", "p-cpe:/a:debian:debian_linux:graphicsmagick-imagemagick-compat", "p-cpe:/a:debian:debian_linux:graphicsmagick-libmagick-dev-compat", "p-cpe:/a:debian:debian_linux:libgraphics-magick-perl", "p-cpe:/a:debian:debian_linux:libgraphicsmagick%2b%2b1-dev", "p-cpe:/a:debian:debian_linux:libgraphicsmagick%2b%2b3", "p-cpe:/a:debian:debian_linux:libgraphicsmagick1-dev", "p-cpe:/a:debian:debian_linux:libgraphicsmagick3", "cpe:/o:debian:debian_linux:7.0"], "id": "DEBIAN_DLA-651.NASL", "href": "https://www.tenable.com/plugins/nessus/93968", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-651-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(93968);\n script_version(\"2.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2016-7446\", \"CVE-2016-7447\", \"CVE-2016-7449\", \"CVE-2016-7800\");\n\n script_name(english:\"Debian DLA-651-1 : graphicsmagick security update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Various security issues were found and fixed in graphicsmagick in\nDebian wheezy LTS.\n\nCVE-2016-7446\n\nHeap buffer overflow issue in MVG/SVG rendering.\n\nCVE-2016-7447\n\nHeap overflow of the EscapeParenthesis() function\n\nCVE-2016-7449\n\nTIFF related problems due to use of strlcpy use.\n\nCVE-2016-7800\n\nFix unsigned underflow leading to heap overflow when parsing 8BIM\nchunk.\n\nFor Debian 7 'Wheezy', these problems have been fixed in version\n1.3.16-1.1+deb7u4.\n\nWe recommend that you upgrade your graphicsmagick packages.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2016/10/msg00007.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/wheezy/graphicsmagick\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:graphicsmagick\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:graphicsmagick-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:graphicsmagick-imagemagick-compat\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:graphicsmagick-libmagick-dev-compat\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libgraphics-magick-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libgraphicsmagick++1-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libgraphicsmagick++3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libgraphicsmagick1-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libgraphicsmagick3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:7.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/10/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/10/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"7.0\", prefix:\"graphicsmagick\", reference:\"1.3.16-1.1+deb7u4\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"graphicsmagick-dbg\", reference:\"1.3.16-1.1+deb7u4\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"graphicsmagick-imagemagick-compat\", reference:\"1.3.16-1.1+deb7u4\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"graphicsmagick-libmagick-dev-compat\", reference:\"1.3.16-1.1+deb7u4\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libgraphics-magick-perl\", reference:\"1.3.16-1.1+deb7u4\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libgraphicsmagick++1-dev\", reference:\"1.3.16-1.1+deb7u4\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libgraphicsmagick++3\", reference:\"1.3.16-1.1+deb7u4\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libgraphicsmagick1-dev\", reference:\"1.3.16-1.1+deb7u4\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libgraphicsmagick3\", reference:\"1.3.16-1.1+deb7u4\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-10-16T13:47:29", "description": "This update for GraphicsMagick fixes the following issues :\n\n - security update :\n\n - CVE-2016-8684 [boo#1005123]\n\n - CVE-2016-8682 [boo#1005125]\n\n - CVE-2016-8683 [boo#1005127]\n\n - security update :\n\n - CVE-2016-7529 [boo#1000399]\n\n - CVE-2016-7528 [boo#1000434]\n\n - CVE-2016-7515 [boo#1000689]\n\n - CVE-2016-7446 [boo#999673]\n\n - CVE-2016-7447 [boo#999673]\n\n - CVE-2016-7448 [boo#999673]\n\n - CVE-2016-7449 [boo#999673]\n\n - CVE-2016-7517 [boo#1000693]\n\n - CVE-2016-7519 [boo#1000695]\n\n - CVE-2016-7522 [boo#1000698]\n\n - CVE-2016-7524 [boo#1000700]\n\n - CVE-2016-7531 [boo#1000704]\n\n - CVE-2016-7533 [boo#1000707]\n\n - CVE-2016-7537 [boo#1000711]\n\n - CVE-2016-6823 [boo#1001066]\n\n - CVE-2016-7101 [boo#1001221]\n\n - do not divide by zero in WriteTIFFImage [boo#1002206]\n\n - fix buffer overflow [boo#1002209]\n\n - CVE-2016-7800 [boo#1002422]\n\n - CVE-2016-7996, CVE-2016-7997 [boo#1003629]", "cvss3": {}, "published": "2016-10-27T00:00:00", "type": "nessus", "title": "openSUSE Security Update : GraphicsMagick (openSUSE-2016-1229)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-5688", "CVE-2016-6823", "CVE-2016-7101", "CVE-2016-7446", "CVE-2016-7447", "CVE-2016-7448", "CVE-2016-7449", "CVE-2016-7515", "CVE-2016-7517", "CVE-2016-7519", "CVE-2016-7522", "CVE-2016-7524", "CVE-2016-7528", "CVE-2016-7529", "CVE-2016-7531", "CVE-2016-7533", "CVE-2016-7537", "CVE-2016-7800", "CVE-2016-7996", "CVE-2016-7997", "CVE-2016-8682", "CVE-2016-8683", "CVE-2016-8684"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:GraphicsMagick", "p-cpe:/a:novell:opensuse:GraphicsMagick-debuginfo", "p-cpe:/a:novell:opensuse:GraphicsMagick-debugsource", "p-cpe:/a:novell:opensuse:GraphicsMagick-devel", "p-cpe:/a:novell:opensuse:libgraphicsmagick%2b%2b-q16-11", "p-cpe:/a:novell:opensuse:libgraphicsmagick%2b%2b-q16-11-debuginfo", "p-cpe:/a:novell:opensuse:libgraphicsmagick%2b%2b-devel", "p-cpe:/a:novell:opensuse:libGraphicsMagick-Q16-3", "p-cpe:/a:novell:opensuse:libGraphicsMagick-Q16-3-debuginfo", "p-cpe:/a:novell:opensuse:libGraphicsMagick3-config", "p-cpe:/a:novell:opensuse:libGraphicsMagickWand-Q16-2", "p-cpe:/a:novell:opensuse:libGraphicsMagickWand-Q16-2-debuginfo", "p-cpe:/a:novell:opensuse:perl-GraphicsMagick", "p-cpe:/a:novell:opensuse:perl-GraphicsMagick-debuginfo", "cpe:/o:novell:opensuse:42.1"], "id": "OPENSUSE-2016-1229.NASL", "href": "https://www.tenable.com/plugins/nessus/94304", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2016-1229.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(94304);\n script_version(\"2.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2016-5688\", \"CVE-2016-6823\", \"CVE-2016-7101\", \"CVE-2016-7446\", \"CVE-2016-7447\", \"CVE-2016-7448\", \"CVE-2016-7449\", \"CVE-2016-7515\", \"CVE-2016-7517\", \"CVE-2016-7519\", \"CVE-2016-7522\", \"CVE-2016-7524\", \"CVE-2016-7528\", \"CVE-2016-7529\", \"CVE-2016-7531\", \"CVE-2016-7533\", \"CVE-2016-7537\", \"CVE-2016-7800\", \"CVE-2016-7996\", \"CVE-2016-7997\", \"CVE-2016-8682\", \"CVE-2016-8683\", \"CVE-2016-8684\");\n\n script_name(english:\"openSUSE Security Update : GraphicsMagick (openSUSE-2016-1229)\");\n script_summary(english:\"Check for the openSUSE-2016-1229 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for GraphicsMagick fixes the following issues :\n\n - security update :\n\n - CVE-2016-8684 [boo#1005123]\n\n - CVE-2016-8682 [boo#1005125]\n\n - CVE-2016-8683 [boo#1005127]\n\n - security update :\n\n - CVE-2016-7529 [boo#1000399]\n\n - CVE-2016-7528 [boo#1000434]\n\n - CVE-2016-7515 [boo#1000689]\n\n - CVE-2016-7446 [boo#999673]\n\n - CVE-2016-7447 [boo#999673]\n\n - CVE-2016-7448 [boo#999673]\n\n - CVE-2016-7449 [boo#999673]\n\n - CVE-2016-7517 [boo#1000693]\n\n - CVE-2016-7519 [boo#1000695]\n\n - CVE-2016-7522 [boo#1000698]\n\n - CVE-2016-7524 [boo#1000700]\n\n - CVE-2016-7531 [boo#1000704]\n\n - CVE-2016-7533 [boo#1000707]\n\n - CVE-2016-7537 [boo#1000711]\n\n - CVE-2016-6823 [boo#1001066]\n\n - CVE-2016-7101 [boo#1001221]\n\n - do not divide by zero in WriteTIFFImage [boo#1002206]\n\n - fix buffer overflow [boo#1002209]\n\n - CVE-2016-7800 [boo#1002422]\n\n - CVE-2016-7996, CVE-2016-7997 [boo#1003629]\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000399\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000434\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000689\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000693\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000695\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000698\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000700\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000704\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000707\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000711\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1001066\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1001221\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1002206\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1002209\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1002422\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1003629\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1005123\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1005125\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1005127\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=999673\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected GraphicsMagick packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:GraphicsMagick\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:GraphicsMagick-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:GraphicsMagick-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:GraphicsMagick-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libGraphicsMagick++-Q16-11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libGraphicsMagick++-Q16-11-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libGraphicsMagick++-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libGraphicsMagick-Q16-3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libGraphicsMagick-Q16-3-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libGraphicsMagick3-config\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libGraphicsMagickWand-Q16-2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libGraphicsMagickWand-Q16-2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:perl-GraphicsMagick\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:perl-GraphicsMagick-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:42.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/10/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/10/27\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE42\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"42.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE42.1\", reference:\"GraphicsMagick-1.3.21-14.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"GraphicsMagick-debuginfo-1.3.21-14.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"GraphicsMagick-debugsource-1.3.21-14.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"GraphicsMagick-devel-1.3.21-14.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libGraphicsMagick++-Q16-11-1.3.21-14.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libGraphicsMagick++-Q16-11-debuginfo-1.3.21-14.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libGraphicsMagick++-devel-1.3.21-14.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libGraphicsMagick-Q16-3-1.3.21-14.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libGraphicsMagick-Q16-3-debuginfo-1.3.21-14.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libGraphicsMagick3-config-1.3.21-14.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libGraphicsMagickWand-Q16-2-1.3.21-14.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libGraphicsMagickWand-Q16-2-debuginfo-1.3.21-14.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"perl-GraphicsMagick-1.3.21-14.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"perl-GraphicsMagick-debuginfo-1.3.21-14.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"GraphicsMagick / GraphicsMagick-debuginfo / etc\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-10-16T13:47:25", "description": "This update for GraphicsMagick fixes the following issues :\n\n - CVE-2016-8684: Mismatch between real filesize and header values (bsc#1005123)\n\n - CVE-2016-8683: Check that filesize is reasonable compared to the header value (bsc#1005127)\n\n - CVE-2016-8682: Stack-buffer read overflow while reading SCT header (bsc#1005125)\n\n - CVE-2016-7996, CVE-2016-7997: WPG Reader Issues (bsc#1003629)\n\n - CVE-2016-7800: 8BIM/8BIMW unsigned underflow leads to heap overflow (bsc#1002422)\n\n - CVE-2016-7537: Out of bound access for corrupted pdb file (bsc#1000711)\n\n - CVE-2016-7533: Wpg file out of bound for corrupted file (bsc#1000707)\n\n - CVE-2016-7531: Pbd file out of bound access (bsc#1000704)\n\n - CVE-2016-7529: out of bound in quantum handling (bsc#1000399)\n\n - CVE-2016-7528: Out of bound access in xcf file coder (bsc#1000434)\n\n - CVE-2016-7527: out of bound access in wpg file coder:\n (bsc#1000436)\n\n - CVE-2016-7526: out-of-bounds write in ./MagickCore/pixel-accessor.h (bsc#1000702)\n\n - CVE-2016-7524: AddressSanitizer:heap-buffer-overflow READ of size 1 in meta.c:465 (bsc#1000700)\n\n - CVE-2016-7522: Out of bound access for malformed psd file (bsc#1000698)\n\n - CVE-2016-7519: out-of-bounds read in coders/rle.c (bsc#1000695)\n\n - CVE-2016-7517: out-of-bounds read in coders/pict.c (bsc#1000693)\n\n - CVE-2016-7516: Out of bounds problem in rle, pict, viff and sun files (bsc#1000692)\n\n - CVE-2016-7515: Rle file handling for corrupted file (bsc#1000689)\n\n - CVE-2016-7446 CVE-2016-7447 CVE-2016-7448 CVE-2016-7449:\n various issues fixed in 1.3.25 (bsc#999673)\n\n - CVE-2016-7101: SGI Coder Out-Of-Bounds Read Vulnerability (bsc#1001221)\n\n - CVE-2016-6823: BMP Coder Out-Of-Bounds Write Vulnerability (bsc#1001066)\n\n - CVE-2016-5688: Various invalid memory reads in ImageMagick WPG (bsc#985442)\n\n - CVE-2015-8958: Potential DOS in sun file handling due to malformed files (bsc#1000691)\n\n - CVE-2015-8957: Buffer overflow in sun file handling (bsc#1000690)\n\n - Buffer overflows in SIXEL, PDB, MAP, and TIFF coders (bsc#1002209)\n\n - Divide by zero in WriteTIFFImage (bsc#1002206)", "cvss3": {}, "published": "2016-10-27T00:00:00", "type": "nessus", "title": "openSUSE Security Update : GraphicsMagick (openSUSE-2016-1230)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-8957", "CVE-2015-8958", "CVE-2016-5688", "CVE-2016-6823", "CVE-2016-7101", "CVE-2016-7446", "CVE-2016-7447", "CVE-2016-7448", "CVE-2016-7449", "CVE-2016-7515", "CVE-2016-7516", "CVE-2016-7517", "CVE-2016-7519", "CVE-2016-7522", "CVE-2016-7524", "CVE-2016-7526", "CVE-2016-7527", "CVE-2016-7528", "CVE-2016-7529", "CVE-2016-7531", "CVE-2016-7533", "CVE-2016-7537", "CVE-2016-7800", "CVE-2016-7996", "CVE-2016-7997", "CVE-2016-8682", "CVE-2016-8683", "CVE-2016-8684"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:GraphicsMagick", "p-cpe:/a:novell:opensuse:GraphicsMagick-debuginfo", "p-cpe:/a:novell:opensuse:GraphicsMagick-debugsource", "p-cpe:/a:novell:opensuse:GraphicsMagick-devel", "p-cpe:/a:novell:opensuse:libgraphicsmagick%2b%2b-q16-3", "p-cpe:/a:novell:opensuse:libgraphicsmagick%2b%2b-q16-3-debuginfo", "p-cpe:/a:novell:opensuse:libgraphicsmagick%2b%2b-devel", "p-cpe:/a:novell:opensuse:libGraphicsMagick-Q16-3", "p-cpe:/a:novell:opensuse:libGraphicsMagick-Q16-3-debuginfo", "p-cpe:/a:novell:opensuse:libGraphicsMagick3-config", "p-cpe:/a:novell:opensuse:libGraphicsMagickWand-Q16-2", "p-cpe:/a:novell:opensuse:libGraphicsMagickWand-Q16-2-debuginfo", "p-cpe:/a:novell:opensuse:perl-GraphicsMagick", "p-cpe:/a:novell:opensuse:perl-GraphicsMagick-debuginfo", "cpe:/o:novell:opensuse:13.2"], "id": "OPENSUSE-2016-1230.NASL", "href": "https://www.tenable.com/plugins/nessus/94305", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2016-1230.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(94305);\n script_version(\"2.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2015-8957\", \"CVE-2015-8958\", \"CVE-2016-5688\", \"CVE-2016-6823\", \"CVE-2016-7101\", \"CVE-2016-7446\", \"CVE-2016-7447\", \"CVE-2016-7448\", \"CVE-2016-7449\", \"CVE-2016-7515\", \"CVE-2016-7516\", \"CVE-2016-7517\", \"CVE-2016-7519\", \"CVE-2016-7522\", \"CVE-2016-7524\", \"CVE-2016-7526\", \"CVE-2016-7527\", \"CVE-2016-7528\", \"CVE-2016-7529\", \"CVE-2016-7531\", \"CVE-2016-7533\", \"CVE-2016-7537\", \"CVE-2016-7800\", \"CVE-2016-7996\", \"CVE-2016-7997\", \"CVE-2016-8682\", \"CVE-2016-8683\", \"CVE-2016-8684\");\n\n script_name(english:\"openSUSE Security Update : GraphicsMagick (openSUSE-2016-1230)\");\n script_summary(english:\"Check for the openSUSE-2016-1230 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for GraphicsMagick fixes the following issues :\n\n - CVE-2016-8684: Mismatch between real filesize and header\n values (bsc#1005123)\n\n - CVE-2016-8683: Check that filesize is reasonable\n compared to the header value (bsc#1005127)\n\n - CVE-2016-8682: Stack-buffer read overflow while reading\n SCT header (bsc#1005125)\n\n - CVE-2016-7996, CVE-2016-7997: WPG Reader Issues\n (bsc#1003629)\n\n - CVE-2016-7800: 8BIM/8BIMW unsigned underflow leads to\n heap overflow (bsc#1002422)\n\n - CVE-2016-7537: Out of bound access for corrupted pdb\n file (bsc#1000711)\n\n - CVE-2016-7533: Wpg file out of bound for corrupted file\n (bsc#1000707)\n\n - CVE-2016-7531: Pbd file out of bound access\n (bsc#1000704)\n\n - CVE-2016-7529: out of bound in quantum handling\n (bsc#1000399)\n\n - CVE-2016-7528: Out of bound access in xcf file coder\n (bsc#1000434)\n\n - CVE-2016-7527: out of bound access in wpg file coder:\n (bsc#1000436)\n\n - CVE-2016-7526: out-of-bounds write in\n ./MagickCore/pixel-accessor.h (bsc#1000702)\n\n - CVE-2016-7524: AddressSanitizer:heap-buffer-overflow\n READ of size 1 in meta.c:465 (bsc#1000700)\n\n - CVE-2016-7522: Out of bound access for malformed psd\n file (bsc#1000698)\n\n - CVE-2016-7519: out-of-bounds read in coders/rle.c\n (bsc#1000695)\n\n - CVE-2016-7517: out-of-bounds read in coders/pict.c\n (bsc#1000693)\n\n - CVE-2016-7516: Out of bounds problem in rle, pict, viff\n and sun files (bsc#1000692)\n\n - CVE-2016-7515: Rle file handling for corrupted file\n (bsc#1000689)\n\n - CVE-2016-7446 CVE-2016-7447 CVE-2016-7448 CVE-2016-7449:\n various issues fixed in 1.3.25 (bsc#999673)\n\n - CVE-2016-7101: SGI Coder Out-Of-Bounds Read\n Vulnerability (bsc#1001221)\n\n - CVE-2016-6823: BMP Coder Out-Of-Bounds Write\n Vulnerability (bsc#1001066)\n\n - CVE-2016-5688: Various invalid memory reads in\n ImageMagick WPG (bsc#985442)\n\n - CVE-2015-8958: Potential DOS in sun file handling due to\n malformed files (bsc#1000691)\n\n - CVE-2015-8957: Buffer overflow in sun file handling\n (bsc#1000690)\n\n - Buffer overflows in SIXEL, PDB, MAP, and TIFF coders\n (bsc#1002209)\n\n - Divide by zero in WriteTIFFImage (bsc#1002206)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000399\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000434\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000436\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000689\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000690\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000691\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000692\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000693\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000695\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000698\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000700\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000702\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000704\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000707\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000711\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1001066\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1001221\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1002206\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1002209\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1002422\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1003629\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1005123\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1005125\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1005127\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=985442\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=999673\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected GraphicsMagick packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:GraphicsMagick\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:GraphicsMagick-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:GraphicsMagick-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:GraphicsMagick-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libGraphicsMagick++-Q16-3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libGraphicsMagick++-Q16-3-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libGraphicsMagick++-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libGraphicsMagick-Q16-3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libGraphicsMagick-Q16-3-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libGraphicsMagick3-config\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libGraphicsMagickWand-Q16-2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libGraphicsMagickWand-Q16-2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:perl-GraphicsMagick\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:perl-GraphicsMagick-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:13.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/10/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/10/27\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE13\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"13.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE13.2\", reference:\"GraphicsMagick-1.3.20-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"GraphicsMagick-debuginfo-1.3.20-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"GraphicsMagick-debugsource-1.3.20-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"GraphicsMagick-devel-1.3.20-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libGraphicsMagick++-Q16-3-1.3.20-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libGraphicsMagick++-Q16-3-debuginfo-1.3.20-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libGraphicsMagick++-devel-1.3.20-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libGraphicsMagick-Q16-3-1.3.20-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libGraphicsMagick-Q16-3-debuginfo-1.3.20-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libGraphicsMagick3-config-1.3.20-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libGraphicsMagickWand-Q16-2-1.3.20-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libGraphicsMagickWand-Q16-2-debuginfo-1.3.20-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"perl-GraphicsMagick-1.3.20-12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"perl-GraphicsMagick-debuginfo-1.3.20-12.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"GraphicsMagick / GraphicsMagick-debuginfo / etc\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-08-19T12:39:06", "description": "This update for GraphicsMagick fixes the following issues :\n\n - a possible shell execution attack was fixed. if the first character of an input filename for 'convert' was a '|' then the remainder of the filename was passed to the shell (CVE-2016-5118, boo#982178)\n\n - Maliciously crafted pnm files could crash GraphicsMagick (CVE-2014-9805, [boo#983752])\n\n - Prevent overflow in rle files (CVE-2014-9846, boo#983521)\n\n - Fix a double free in pdb coder (CVE-2014-9807, boo#983794)\n\n - Fix a possible crash due to corrupted xwd images (CVE-2014-9809, boo#983799)\n\n - Fix a possible crash due to corrupted wpg images (CVE-2014-9815, boo#984372)\n\n - Fix a heap buffer overflow in pdb file handling (CVE-2014-9817, boo#984400)\n\n - Fix a heap overflow in xpm files (CVE-2014-9820, boo#984150)\n\n - Fix a heap overflow in pict files (CVE-2014-9834, boo#984436)\n\n - Fix a heap overflow in wpf files (CVE-2014-9835, CVE-2014-9831, boo#984145, boo#984375)\n\n - Additional PNM sanity checks (CVE-2014-9837, boo#984166)\n\n - Fix a possible crash due to corrupted dib file (CVE-2014-9845, boo#984394)\n\n - Fix out of bound in quantum handling (CVE-2016-7529, boo#1000399)\n\n - Fix out of bound access in xcf file coder (CVE-2016-7528, boo#1000434)\n\n - Fix handling of corrupted lle files (CVE-2016-7515, boo#1000689)\n\n - Fix out of bound access for malformed psd file (CVE-2016-7522, boo#1000698)\n\n - Fix out of bound access for pbd files (CVE-2016-7531, boo#1000704)\n\n - Fix out of bound access in corrupted wpg files (CVE-2016-7533, boo#1000707)\n\n - Fix out of bound access in corrupted pdb files (CVE-2016-7537, boo#1000711)\n\n - BMP Coder Out-Of-Bounds Write Vulnerability (CVE-2016-6823, boo#1001066)\n\n - SGI Coder Out-Of-Bounds Read Vulnerability (CVE-2016-7101, boo#1001221)\n\n - Divide by zero in WriteTIFFImage (do not divide by zero in WriteTIFFImage, boo#1002206)\n\n - Buffer overflows in SIXEL, PDB, MAP, and TIFF coders (fix buffer overflow, boo#1002209)\n\n - 8BIM/8BIMW unsigned underflow leads to heap overflow (CVE-2016-7800, boo#1002422)\n\n - wpg reader issues (CVE-2016-7996, CVE-2016-7997, boo#1003629)\n\n - Mismatch between real filesize and header values (CVE-2016-8684, boo#1005123)\n\n - Stack-buffer read overflow while reading SCT header (CVE-2016-8682, boo#1005125)\n\n - Check that filesize is reasonable compared to the header value (CVE-2016-8683, boo#1005127)\n\n - Memory allocation failure in AcquireMagickMemory (CVE-2016-8862, boo#1007245)\n\n - heap-based buffer overflow in IsPixelGray (CVE-2016-9556, boo#1011130)", "cvss3": {}, "published": "2016-12-12T00:00:00", "type": "nessus", "title": "openSUSE Security Update : GraphicsMagick (openSUSE-2016-1430)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-9805", "CVE-2014-9807", "CVE-2014-9809", "CVE-2014-9815", "CVE-2014-9817", "CVE-2014-9820", "CVE-2014-9831", "CVE-2014-9834", "CVE-2014-9835", "CVE-2014-9837", "CVE-2014-9845", "CVE-2014-9846", "CVE-2014-9853", "CVE-2016-5118", "CVE-2016-6823", "CVE-2016-7101", "CVE-2016-7515", "CVE-2016-7522", "CVE-2016-7528", "CVE-2016-7529", "CVE-2016-7531", "CVE-2016-7533", "CVE-2016-7537", "CVE-2016-7800", "CVE-2016-7996", "CVE-2016-7997", "CVE-2016-8682", "CVE-2016-8683", "CVE-2016-8684", "CVE-2016-8862", "CVE-2016-9556"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:GraphicsMagick", "p-cpe:/a:novell:opensuse:GraphicsMagick-debuginfo", "p-cpe:/a:novell:opensuse:GraphicsMagick-debugsource", "p-cpe:/a:novell:opensuse:GraphicsMagick-devel", "p-cpe:/a:novell:opensuse:libgraphicsmagick%2b%2b-q16-12", "p-cpe:/a:novell:opensuse:libgraphicsmagick%2b%2b-q16-12-debuginfo", "p-cpe:/a:novell:opensuse:libgraphicsmagick%2b%2b-devel", "p-cpe:/a:novell:opensuse:libGraphicsMagick-Q16-3", "p-cpe:/a:novell:opensuse:libGraphicsMagick-Q16-3-debuginfo", "p-cpe:/a:novell:opensuse:libGraphicsMagick3-config", "p-cpe:/a:novell:opensuse:libGraphicsMagickWand-Q16-2", "p-cpe:/a:novell:opensuse:libGraphicsMagickWand-Q16-2-debuginfo", "p-cpe:/a:novell:opensuse:perl-GraphicsMagick", "p-cpe:/a:novell:opensuse:perl-GraphicsMagick-debuginfo", "cpe:/o:novell:opensuse:42.2"], "id": "OPENSUSE-2016-1430.NASL", "href": "https://www.tenable.com/plugins/nessus/95704", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2016-1430.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(95704);\n script_version(\"3.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2014-9805\", \"CVE-2014-9807\", \"CVE-2014-9809\", \"CVE-2014-9815\", \"CVE-2014-9817\", \"CVE-2014-9820\", \"CVE-2014-9831\", \"CVE-2014-9834\", \"CVE-2014-9835\", \"CVE-2014-9837\", \"CVE-2014-9845\", \"CVE-2014-9846\", \"CVE-2014-9853\", \"CVE-2016-5118\", \"CVE-2016-6823\", \"CVE-2016-7101\", \"CVE-2016-7515\", \"CVE-2016-7522\", \"CVE-2016-7528\", \"CVE-2016-7529\", \"CVE-2016-7531\", \"CVE-2016-7533\", \"CVE-2016-7537\", \"CVE-2016-7800\", \"CVE-2016-7996\", \"CVE-2016-7997\", \"CVE-2016-8682\", \"CVE-2016-8683\", \"CVE-2016-8684\", \"CVE-2016-8862\", \"CVE-2016-9556\");\n\n script_name(english:\"openSUSE Security Update : GraphicsMagick (openSUSE-2016-1430)\");\n script_summary(english:\"Check for the openSUSE-2016-1430 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for GraphicsMagick fixes the following issues :\n\n - a possible shell execution attack was fixed. if the\n first character of an input filename for 'convert' was a\n '|' then the remainder of the filename was passed to the\n shell (CVE-2016-5118, boo#982178)\n\n - Maliciously crafted pnm files could crash GraphicsMagick\n (CVE-2014-9805, [boo#983752])\n\n - Prevent overflow in rle files (CVE-2014-9846,\n boo#983521)\n\n - Fix a double free in pdb coder (CVE-2014-9807,\n boo#983794)\n\n - Fix a possible crash due to corrupted xwd images\n (CVE-2014-9809, boo#983799)\n\n - Fix a possible crash due to corrupted wpg images\n (CVE-2014-9815, boo#984372)\n\n - Fix a heap buffer overflow in pdb file handling\n (CVE-2014-9817, boo#984400)\n\n - Fix a heap overflow in xpm files (CVE-2014-9820,\n boo#984150)\n\n - Fix a heap overflow in pict files (CVE-2014-9834,\n boo#984436)\n\n - Fix a heap overflow in wpf files (CVE-2014-9835,\n CVE-2014-9831, boo#984145, boo#984375)\n\n - Additional PNM sanity checks (CVE-2014-9837, boo#984166)\n\n - Fix a possible crash due to corrupted dib file\n (CVE-2014-9845, boo#984394)\n\n - Fix out of bound in quantum handling (CVE-2016-7529,\n boo#1000399)\n\n - Fix out of bound access in xcf file coder\n (CVE-2016-7528, boo#1000434)\n\n - Fix handling of corrupted lle files (CVE-2016-7515,\n boo#1000689)\n\n - Fix out of bound access for malformed psd file\n (CVE-2016-7522, boo#1000698)\n\n - Fix out of bound access for pbd files (CVE-2016-7531,\n boo#1000704)\n\n - Fix out of bound access in corrupted wpg files\n (CVE-2016-7533, boo#1000707)\n\n - Fix out of bound access in corrupted pdb files\n (CVE-2016-7537, boo#1000711)\n\n - BMP Coder Out-Of-Bounds Write Vulnerability\n (CVE-2016-6823, boo#1001066)\n\n - SGI Coder Out-Of-Bounds Read Vulnerability\n (CVE-2016-7101, boo#1001221)\n\n - Divide by zero in WriteTIFFImage (do not divide by zero\n in WriteTIFFImage, boo#1002206)\n\n - Buffer overflows in SIXEL, PDB, MAP, and TIFF coders\n (fix buffer overflow, boo#1002209)\n\n - 8BIM/8BIMW unsigned underflow leads to heap overflow\n (CVE-2016-7800, boo#1002422)\n\n - wpg reader issues (CVE-2016-7996, CVE-2016-7997,\n boo#1003629)\n\n - Mismatch between real filesize and header values\n (CVE-2016-8684, boo#1005123)\n\n - Stack-buffer read overflow while reading SCT header\n (CVE-2016-8682, boo#1005125)\n\n - Check that filesize is reasonable compared to the header\n value (CVE-2016-8683, boo#1005127)\n\n - Memory allocation failure in AcquireMagickMemory\n (CVE-2016-8862, boo#1007245)\n\n - heap-based buffer overflow in IsPixelGray\n (CVE-2016-9556, boo#1011130)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000399\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000434\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000689\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000698\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000704\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000707\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000711\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1001066\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1001221\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1002206\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1002209\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1002422\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1003629\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1005123\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1005125\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1005127\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1007245\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1011130\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=982178\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=983521\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=983752\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=983794\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=983799\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=984145\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=984150\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=984166\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=984372\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=984375\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=984394\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=984400\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=984436\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected GraphicsMagick packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:GraphicsMagick\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:GraphicsMagick-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:GraphicsMagick-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:GraphicsMagick-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libGraphicsMagick++-Q16-12\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libGraphicsMagick++-Q16-12-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libGraphicsMagick++-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libGraphicsMagick-Q16-3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libGraphicsMagick-Q16-3-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libGraphicsMagick3-config\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libGraphicsMagickWand-Q16-2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libGraphicsMagickWand-Q16-2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:perl-GraphicsMagick\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:perl-GraphicsMagick-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:42.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/12/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/12/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE42\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"42.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE42.2\", reference:\"GraphicsMagick-1.3.25-3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"GraphicsMagick-debuginfo-1.3.25-3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"GraphicsMagick-debugsource-1.3.25-3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"GraphicsMagick-devel-1.3.25-3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"libGraphicsMagick++-Q16-12-1.3.25-3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"libGraphicsMagick++-Q16-12-debuginfo-1.3.25-3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"libGraphicsMagick++-devel-1.3.25-3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"libGraphicsMagick-Q16-3-1.3.25-3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"libGraphicsMagick-Q16-3-debuginfo-1.3.25-3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"libGraphicsMagick3-config-1.3.25-3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"libGraphicsMagickWand-Q16-2-1.3.25-3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"libGraphicsMagickWand-Q16-2-debuginfo-1.3.25-3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"perl-GraphicsMagick-1.3.25-3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"perl-GraphicsMagick-debuginfo-1.3.25-3.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"GraphicsMagick / GraphicsMagick-debuginfo / etc\");\n}\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:38:43", "description": "This update for ImageMagick fixes the following issues: These vulnerabilities could be triggered by processing specially crafted image files, which could lead to a process crash or resource consumtion, or potentially have unspecified futher impact.\n\n - CVE-2016-8862: Memory allocation failure in AcquireMagickMemory (bsc#1007245)\n\n - CVE-2014-9907: DOS due to corrupted DDS files (bsc#1000714)\n\n - CVE-2015-8959: DOS due to corrupted DDS files (bsc#1000713)\n\n - CVE-2016-7537: Out of bound access for corrupted pdb file (bsc#1000711)\n\n - CVE-2016-6823: BMP Coder Out-Of-Bounds Write Vulnerability (bsc#1001066)\n\n - CVE-2016-7514: Out-of-bounds read in coders/psd.c (bsc#1000688)\n\n - CVE-2016-7515: Rle file handling for corrupted file (bsc#1000689)\n\n - CVE-2016-7529: out of bound in quantum handling (bsc#1000399)\n\n - CVE-2016-7101: SGI Coder Out-Of-Bounds Read Vulnerability (bsc#1001221)\n\n - CVE-2016-7527: out of bound access in wpg file coder:\n (bsc#1000436)\n\n - CVE-2016-7996, CVE-2016-7997: WPG Reader Issues (bsc#1003629)\n\n - CVE-2016-7528: out of bound access in xcf file coder (bsc#1000434)\n\n - CVE-2016-8683: Check that filesize is reasonable compared to the header value (bsc#1005127)\n\n - CVE-2016-8682: Stack-buffer read overflow while reading SCT header (bsc#1005125)\n\n - CVE-2016-8684: Mismatch between real filesize and header values (bsc#1005123)\n\n - Buffer overflows in SIXEL, PDB, MAP, and TIFF coders (bsc#1002209)\n\n - CVE-2016-7525: Heap buffer overflow in psd file coder (bsc#1000701)\n\n - CVE-2016-7524: AddressSanitizer:heap-buffer-overflow READ of size 1 in meta.c:465 (bsc#1000700)\n\n - CVE-2016-7530: Out of bound in quantum handling (bsc#1000703)\n\n - CVE-2016-7531: Pbd file out of bound access (bsc#1000704)\n\n - CVE-2016-7533: Wpg file out of bound for corrupted file (bsc#1000707)\n\n - CVE-2016-7535: Out of bound access for corrupted psd file (bsc#1000709)\n\n - CVE-2016-7522: Out of bound access for malformed psd file (bsc#1000698)\n\n - CVE-2016-7517: out-of-bounds read in coders/pict.c (bsc#1000693)\n\n - CVE-2016-7516: Out of bounds problem in rle, pict, viff and sun files (bsc#1000692)\n\n - CVE-2015-8958: Potential DOS in sun file handling due to malformed files (bsc#1000691)\n\n - CVE-2015-8957: Buffer overflow in sun file handling (bsc#1000690)\n\n - CVE-2016-7519: out-of-bounds read in coders/rle.c (bsc#1000695)\n\n - CVE-2016-7518: out-of-bounds read in coders/sun.c (bsc#1000694)\n\n - CVE-2016-7800: 8BIM/8BIMW unsigned underflow leads to heap overflow (bsc#1002422)\n\n - CVE-2016-7523: AddressSanitizer:heap-buffer-overflow READ of size 1 meta.c:496 (bsc#1000699)\n\n - CVE-2016-7799: mogrify global buffer overflow (bsc#1002421)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2016-12-01T00:00:00", "type": "nessus", "title": "SUSE SLES11 Security Update : ImageMagick (SUSE-SU-2016:2964-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-9907", "CVE-2015-8957", "CVE-2015-8958", "CVE-2015-8959", "CVE-2016-5687", "CVE-2016-6823", "CVE-2016-7101", "CVE-2016-7514", "CVE-2016-7515", "CVE-2016-7516", "CVE-2016-7517", "CVE-2016-7518", "CVE-2016-7519", "CVE-2016-7522", "CVE-2016-7523", "CVE-2016-7524", "CVE-2016-7525", "CVE-2016-7526", "CVE-2016-7527", "CVE-2016-7528", "CVE-2016-7529", "CVE-2016-7530", "CVE-2016-7531", "CVE-2016-7533", "CVE-2016-7535", "CVE-2016-7537", "CVE-2016-7799", "CVE-2016-7800", "CVE-2016-7996", "CVE-2016-7997", "CVE-2016-8682", "CVE-2016-8683", "CVE-2016-8684", "CVE-2016-8862"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libMagickCore1", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_SU-2016-2964-1.NASL", "href": "https://www.tenable.com/plugins/nessus/95453", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2016:2964-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(95453);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2014-9907\", \"CVE-2015-8957\", \"CVE-2015-8958\", \"CVE-2015-8959\", \"CVE-2016-5687\", \"CVE-2016-6823\", \"CVE-2016-7101\", \"CVE-2016-7514\", \"CVE-2016-7515\", \"CVE-2016-7516\", \"CVE-2016-7517\", \"CVE-2016-7518\", \"CVE-2016-7519\", \"CVE-2016-7522\", \"CVE-2016-7523\", \"CVE-2016-7524\", \"CVE-2016-7525\", \"CVE-2016-7526\", \"CVE-2016-7527\", \"CVE-2016-7528\", \"CVE-2016-7529\", \"CVE-2016-7530\", \"CVE-2016-7531\", \"CVE-2016-7533\", \"CVE-2016-7535\", \"CVE-2016-7537\", \"CVE-2016-7799\", \"CVE-2016-7800\", \"CVE-2016-7996\", \"CVE-2016-7997\", \"CVE-2016-8682\", \"CVE-2016-8683\", \"CVE-2016-8684\", \"CVE-2016-8862\");\n\n script_name(english:\"SUSE SLES11 Security Update : ImageMagick (SUSE-SU-2016:2964-1)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for ImageMagick fixes the following issues: These\nvulnerabilities could be triggered by processing specially crafted\nimage files, which could lead to a process crash or resource\nconsumtion, or potentially have unspecified futher impact.\n\n - CVE-2016-8862: Memory allocation failure in\n AcquireMagickMemory (bsc#1007245)\n\n - CVE-2014-9907: DOS due to corrupted DDS files\n (bsc#1000714)\n\n - CVE-2015-8959: DOS due to corrupted DDS files\n (bsc#1000713)\n\n - CVE-2016-7537: Out of bound access for corrupted pdb\n file (bsc#1000711)\n\n - CVE-2016-6823: BMP Coder Out-Of-Bounds Write\n Vulnerability (bsc#1001066)\n\n - CVE-2016-7514: Out-of-bounds read in coders/psd.c\n (bsc#1000688)\n\n - CVE-2016-7515: Rle file handling for corrupted file\n (bsc#1000689)\n\n - CVE-2016-7529: out of bound in quantum handling\n (bsc#1000399)\n\n - CVE-2016-7101: SGI Coder Out-Of-Bounds Read\n Vulnerability (bsc#1001221)\n\n - CVE-2016-7527: out of bound access in wpg file coder:\n (bsc#1000436)\n\n - CVE-2016-7996, CVE-2016-7997: WPG Reader Issues\n (bsc#1003629)\n\n - CVE-2016-7528: out of bound access in xcf file coder\n (bsc#1000434)\n\n - CVE-2016-8683: Check that filesize is reasonable\n compared to the header value (bsc#1005127)\n\n - CVE-2016-8682: Stack-buffer read overflow while reading\n SCT header (bsc#1005125)\n\n - CVE-2016-8684: Mismatch between real filesize and header\n values (bsc#1005123)\n\n - Buffer overflows in SIXEL, PDB, MAP, and TIFF coders\n (bsc#1002209)\n\n - CVE-2016-7525: Heap buffer overflow in psd file coder\n (bsc#1000701)\n\n - CVE-2016-7524: AddressSanitizer:heap-buffer-overflow\n READ of size 1 in meta.c:465 (bsc#1000700)\n\n - CVE-2016-7530: Out of bound in quantum handling\n (bsc#1000703)\n\n - CVE-2016-7531: Pbd file out of bound access\n (bsc#1000704)\n\n - CVE-2016-7533: Wpg file out of bound for corrupted file\n (bsc#1000707)\n\n - CVE-2016-7535: Out of bound access for corrupted psd\n file (bsc#1000709)\n\n - CVE-2016-7522: Out of bound access for malformed psd\n file (bsc#1000698)\n\n - CVE-2016-7517: out-of-bounds read in coders/pict.c\n (bsc#1000693)\n\n - CVE-2016-7516: Out of bounds problem in rle, pict, viff\n and sun files (bsc#1000692)\n\n - CVE-2015-8958: Potential DOS in sun file handling due to\n malformed files (bsc#1000691)\n\n - CVE-2015-8957: Buffer overflow in sun file handling\n (bsc#1000690)\n\n - CVE-2016-7519: out-of-bounds read in coders/rle.c\n (bsc#1000695)\n\n - CVE-2016-7518: out-of-bounds read in coders/sun.c\n (bsc#1000694)\n\n - CVE-2016-7800: 8BIM/8BIMW unsigned underflow leads to\n heap overflow (bsc#1002422)\n\n - CVE-2016-7523: AddressSanitizer:heap-buffer-overflow\n READ of size 1 meta.c:496 (bsc#1000699)\n\n - CVE-2016-7799: mogrify global buffer overflow\n (bsc#1002421)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1000399\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1000434\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1000436\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1000688\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1000689\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1000690\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1000691\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1000692\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1000693\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1000694\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1000695\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1000698\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1000699\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1000700\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1000701\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1000703\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1000704\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1000707\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1000709\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1000711\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1000713\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1000714\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1001066\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1001221\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1002209\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1002421\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1002422\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1003629\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1005123\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1005125\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1005127\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1007245\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2014-9907/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8957/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8958/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8959/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-5687/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-6823/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-7101/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-7514/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-7515/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-7516/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-7517/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-7518/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-7519/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-7522/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-7523/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-7524/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-7525/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-7526/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-7527/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-7528/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-7529/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-7530/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-7531/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-7533/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-7535/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-7537/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-7799/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-7800/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-7996/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-7997/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-8682/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-8683/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-8684/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-8862/\"\n );\n # https://www.suse.com/support/update/announcement/2016/suse-su-20162964-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?3bc753ba\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Software Development Kit 11-SP4:zypper in -t\npatch sdksp4-ImageMagick-12867=1\n\nSUSE Linux Enterprise Server 11-SP4:zypper in -t patch\nslessp4-ImageMagick-12867=1\n\nSUSE Linux Enterprise Debuginfo 11-SP4:zypper in -t patch\ndbgsp4-ImageMagick-12867=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libMagickCore1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/12/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/12/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/12/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES11)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES11\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES11\" && (! preg(pattern:\"^(4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES11 SP4\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"x86_64\", reference:\"libMagickCore1-32bit-6.4.3.6-7.54.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"s390x\", reference:\"libMagickCore1-32bit-6.4.3.6-7.54.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"libMagickCore1-6.4.3.6-7.54.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ImageMagick\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-10-14T01:54:38", "description": "This update for ImageMagick fixes the following issues: These vulnerabilities could be triggered by processing specially crafted image files, which could lead to a process crash or resource consumtion, or potentially have unspecified futher impact.\n\n - CVE-2016-8684: Mismatch between real filesize and header values (bsc#1005123)\n\n - CVE-2016-8683: Check that filesize is reasonable compared to the header value (bsc#1005127)\n\n - CVE-2016-8682: Stack-buffer read overflow while reading SCT header (bsc#1005125)\n\n - CVE-2016-8677: Memory allocation failure in AcquireQuantumPixels (bsc#1005328)\n\n - CVE-2016-7996, CVE-2016-7997: WPG Reader Issues (bsc#1003629)\n\n - CVE-2016-7800: 8BIM/8BIMW unsigned underflow leads to heap overflow (bsc#1002422)\n\n - CVE-2016-7799: mogrify global buffer overflow (bsc#1002421)\n\n - CVE-2016-7540: writing to RGF format aborts (bsc#1000394)\n\n - CVE-2016-7539: Potential DOS by not releasing memory (bsc#1000715)\n\n - CVE-2016-7538: SIGABRT for corrupted pdb file (bsc#1000712)\n\n - CVE-2016-7537: Out of bound access for corrupted pdb file (bsc#1000711)\n\n - CVE-2016-7535: Out of bound access for corrupted psd file (bsc#1000709)\n\n - CVE-2016-7534: Out of bound access in generic decoder (bsc#1000708)\n\n - CVE-2016-7533: Wpg file out of bound for corrupted file (bsc#1000707)\n\n - CVE-2016-7532: fix handling of corrupted psd file (bsc#1000706)\n\n - CVE-2016-7531: Pbd file out of bound access (bsc#1000704)\n\n - CVE-2016-7530: Out of bound in quantum handling (bsc#1000703)\n\n - CVE-2016-7529: Out-of-bound in quantum handling (bsc#1000399)\n\n - CVE-2016-7528: Out-of-bound access in xcf file coder (bsc#1000434)\n\n - CVE-2016-7527: Out-of-bound access in wpg file coder:\n (bsc#1000436)\n\n - CVE-2016-7526: out-of-bounds write in ./MagickCore/pixel-accessor.h (bsc#1000702)\n\n - CVE-2016-7525: Heap buffer overflow in psd file coder (bsc#1000701)\n\n - CVE-2016-7524: AddressSanitizer:heap-buffer-overflow READ of size 1 in meta.c:465 (bsc#1000700)\n\n - CVE-2016-7523: AddressSanitizer:heap-buffer-overflow READ of size 1 meta.c:496 (bsc#1000699)\n\n - CVE-2016-7522: Out of bound access for malformed psd file (bsc#1000698)\n\n - CVE-2016-7521: Heap buffer overflow in psd file handling (bsc#1000697)\n\n - CVE-2016-7520: Heap overflow in hdr file handling (bsc#1000696)\n\n - CVE-2016-7519: Out-of-bounds read in coders/rle.c (bsc#1000695)\n\n - CVE-2016-7518: Out-of-bounds read in coders/sun.c (bsc#1000694)\n\n - CVE-2016-7517: Out-of-bounds read in coders/pict.c (bsc#1000693)\n\n - CVE-2016-7516: Out-of-bounds problem in rle, pict, viff and sun files (bsc#1000692)\n\n - CVE-2016-7515: Rle file handling for corrupted file (bsc#1000689)\n\n - CVE-2016-7514: Out-of-bounds read in coders/psd.c (bsc#1000688)\n\n - CVE-2016-7513: Off-by-one error leading to segfault (bsc#1000686)\n\n - CVE-2016-7101: raphicsMagick: SGI Coder Out-Of-Bounds Read Vulnerability (bsc#1001221)\n\n - CVE-2016-6823: raphicsMagick: BMP Coder Out-Of-Bounds Write Vulnerability (bsc#1001066)\n\n - CVE-2015-8959: dOS due to corrupted DDS files (bsc#1000713)\n\n - CVE-2015-8958: Potential DOS in sun file handling due to malformed files (bsc#1000691)\n\n - CVE-2015-8957: Buffer overflow in sun file handling (bsc#1000690)\n\n - CVE-2014-9907: DOS due to corrupted DDS files (bsc#1000714)\n\n - Buffer overflows in SIXEL, PDB, MAP, and TIFF coders (bsc#1002209)\n\n - Divide by zero in WriteTIFFImage (bsc#1002206)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2016-10-31T00:00:00", "type": "nessus", "title": "SUSE SLED12 / SLES12 Security Update : ImageMagick (SUSE-SU-2016:2667-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-9907", "CVE-2015-8957", "CVE-2015-8958", "CVE-2015-8959", "CVE-2016-6823", "CVE-2016-7101", "CVE-2016-7513", "CVE-2016-7514", "CVE-2016-7515", "CVE-2016-7516", "CVE-2016-7517", "CVE-2016-7518", "CVE-2016-7519", "CVE-2016-7520", "CVE-2016-7521", "CVE-2016-7522", "CVE-2016-7523", "CVE-2016-7524", "CVE-2016-7525", "CVE-2016-7526", "CVE-2016-7527", "CVE-2016-7528", "CVE-2016-7529", "CVE-2016-7530", "CVE-2016-7531", "CVE-2016-7532", "CVE-2016-7533", "CVE-2016-7534", "CVE-2016-7535", "CVE-2016-7537", "CVE-2016-7538", "CVE-2016-7539", "CVE-2016-7540", "CVE-2016-7799", "CVE-2016-7800", "CVE-2016-7996", "CVE-2016-7997", "CVE-2016-8677", "CVE-2016-8682", "CVE-2016-8683", "CVE-2016-8684"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:ImageMagick", "p-cpe:/a:novell:suse_linux:ImageMagick-debuginfo", "p-cpe:/a:novell:suse_linux:ImageMagick-debugsource", "p-cpe:/a:novell:suse_linux:libmagick%2b%2b-6_q16", "p-cpe:/a:novell:suse_linux:libmagick%2b%2b-6_q16-3-debuginfo", "p-cpe:/a:novell:suse_linux:libMagickCore-6_Q16", "p-cpe:/a:novell:suse_linux:libMagickCore-6_Q16-1", "p-cpe:/a:novell:suse_linux:libMagickCore-6_Q16-1-debuginfo", "p-cpe:/a:novell:suse_linux:libMagickWand-6_Q16", "p-cpe:/a:novell:suse_linux:libMagickWand-6_Q16-1-debuginfo", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2016-2667-1.NASL", "href": "https://www.tenable.com/plugins/nessus/94433", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2016:2667-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(94433);\n script_version(\"2.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2014-9907\", \"CVE-2015-8957\", \"CVE-2015-8958\", \"CVE-2015-8959\", \"CVE-2016-6823\", \"CVE-2016-7101\", \"CVE-2016-7513\", \"CVE-2016-7514\", \"CVE-2016-7515\", \"CVE-2016-7516\", \"CVE-2016-7517\", \"CVE-2016-7518\", \"CVE-2016-7519\", \"CVE-2016-7520\", \"CVE-2016-7521\", \"CVE-2016-7522\", \"CVE-2016-7523\", \"CVE-2016-7524\", \"CVE-2016-7525\", \"CVE-2016-7526\", \"CVE-2016-7527\", \"CVE-2016-7528\", \"CVE-2016-7529\", \"CVE-2016-7530\", \"CVE-2016-7531\", \"CVE-2016-7532\", \"CVE-2016-7533\", \"CVE-2016-7534\", \"CVE-2016-7535\", \"CVE-2016-7537\", \"CVE-2016-7538\", \"CVE-2016-7539\", \"CVE-2016-7540\", \"CVE-2016-7799\", \"CVE-2016-7800\", \"CVE-2016-7996\", \"CVE-2016-7997\", \"CVE-2016-8677\", \"CVE-2016-8682\", \"CVE-2016-8683\", \"CVE-2016-8684\");\n\n script_name(english:\"SUSE SLED12 / SLES12 Security Update : ImageMagick (SUSE-SU-2016:2667-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for ImageMagick fixes the following issues: These\nvulnerabilities could be triggered by processing specially crafted\nimage files, which could lead to a process crash or resource\nconsumtion, or potentially have unspecified futher impact.\n\n - CVE-2016-8684: Mismatch between real filesize and header\n values (bsc#1005123)\n\n - CVE-2016-8683: Check that filesize is reasonable\n compared to the header value (bsc#1005127)\n\n - CVE-2016-8682: Stack-buffer read overflow while reading\n SCT header (bsc#1005125)\n\n - CVE-2016-8677: Memory allocation failure in\n AcquireQuantumPixels (bsc#1005328)\n\n - CVE-2016-7996, CVE-2016-7997: WPG Reader Issues\n (bsc#1003629)\n\n - CVE-2016-7800: 8BIM/8BIMW unsigned underflow leads to\n heap overflow (bsc#1002422)\n\n - CVE-2016-7799: mogrify global buffer overflow\n (bsc#1002421)\n\n - CVE-2016-7540: writing to RGF format aborts\n (bsc#1000394)\n\n - CVE-2016-7539: Potential DOS by not releasing memory\n (bsc#1000715)\n\n - CVE-2016-7538: SIGABRT for corrupted pdb file\n (bsc#1000712)\n\n - CVE-2016-7537: Out of bound access for corrupted pdb\n file (bsc#1000711)\n\n - CVE-2016-7535: Out of bound access for corrupted psd\n file (bsc#1000709)\n\n - CVE-2016-7534: Out of bound access in generic decoder\n (bsc#1000708)\n\n - CVE-2016-7533: Wpg file out of bound for corrupted file\n (bsc#1000707)\n\n - CVE-2016-7532: fix handling of corrupted psd file\n (bsc#1000706)\n\n - CVE-2016-7531: Pbd file out of bound access\n (bsc#1000704)\n\n - CVE-2016-7530: Out of bound in quantum handling\n (bsc#1000703)\n\n - CVE-2016-7529: Out-of-bound in quantum handling\n (bsc#1000399)\n\n - CVE-2016-7528: Out-of-bound access in xcf file coder\n (bsc#1000434)\n\n - CVE-2016-7527: Out-of-bound access in wpg file coder:\n (bsc#1000436)\n\n - CVE-2016-7526: out-of-bounds write in\n ./MagickCore/pixel-accessor.h (bsc#1000702)\n\n - CVE-2016-7525: Heap buffer overflow in psd file coder\n (bsc#1000701)\n\n - CVE-2016-7524: AddressSanitizer:heap-buffer-overflow\n READ of size 1 in meta.c:465 (bsc#1000700)\n\n - CVE-2016-7523: AddressSanitizer:heap-buffer-overflow\n READ of size 1 meta.c:496 (bsc#1000699)\n\n - CVE-2016-7522: Out of bound access for malformed psd\n file (bsc#1000698)\n\n - CVE-2016-7521: Heap buffer overflow in psd file handling\n (bsc#1000697)\n\n - CVE-2016-7520: Heap overflow in hdr file handling\n (bsc#1000696)\n\n - CVE-2016-7519: Out-of-bounds read in coders/rle.c\n (bsc#1000695)\n\n - CVE-2016-7518: Out-of-bounds read in coders/sun.c\n (bsc#1000694)\n\n - CVE-2016-7517: Out-of-bounds read in coders/pict.c\n (bsc#1000693)\n\n - CVE-2016-7516: Out-of-bounds problem in rle, pict, viff\n and sun files (bsc#1000692)\n\n - CVE-2016-7515: Rle file handling for corrupted file\n (bsc#1000689)\n\n - CVE-2016-7514: Out-of-bounds read in coders/psd.c\n (bsc#1000688)\n\n - CVE-2016-7513: Off-by-one error leading to segfault\n (bsc#1000686)\n\n - CVE-2016-7101: raphicsMagick: SGI Coder Out-Of-Bounds\n Read Vulnerability (bsc#1001221)\n\n - CVE-2016-6823: raphicsMagick: BMP Coder Out-Of-Bounds\n Write Vulnerability (bsc#1001066)\n\n - CVE-2015-8959: dOS due to corrupted DDS files\n (bsc#1000713)\n\n - CVE-2015-8958: Potential DOS in sun file handling due to\n malformed files (bsc#1000691)\n\n - CVE-2015-8957: Buffer overflow in sun file handling\n (bsc#1000690)\n\n - CVE-2014-9907: DOS due to corrupted DDS files\n (bsc#1000714)\n\n - Buffer overflows in SIXEL, PDB, MAP, and TIFF coders\n (bsc#1002209)\n\n - Divide by zero in WriteTIFFImage (bsc#1002206)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1000394\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1000399\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1000434\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1000436\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1000686\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1000688\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1000689\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1000690\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1000691\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1000692\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1000693\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1000694\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1000695\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1000696\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1000697\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1000698\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1000699\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1000700\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1000701\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1000702\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1000703\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1000704\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1000706\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1000707\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1000708\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1000709\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1000711\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1000712\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1000713\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1000714\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1000715\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1001066\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1001221\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1002206\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1002209\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1002421\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1002422\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1003629\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1005123\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1005125\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1005127\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1005328\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2014-9907/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8957/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8958/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8959/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-6823/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-7101/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-7513/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-7514/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-7515/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-7516/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-7517/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-7518/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-7519/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-7520/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-7521/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-7522/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-7523/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-7524/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-7525/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-7526/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-7527/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-7528/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-7529/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-7530/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-7531/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-7532/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-7533/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-7534/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-7535/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-7537/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-7538/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-7539/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-7540/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-7799/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-7800/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-7996/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-7997/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-8677/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-8682/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-8683/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-8684/\"\n );\n # https://www.suse.com/support/update/announcement/2016/suse-su-20162667-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?1aea0f46\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Workstation Extension 12-SP1:zypper in -t patch\nSUSE-SLE-WE-12-SP1-2016-1572=1\n\nSUSE Linux Enterprise Software Development Kit 12-SP1:zypper in -t\npatch SUSE-SLE-SDK-12-SP1-2016-1572=1\n\nSUSE Linux Enterprise Server 12-SP1:zypper in -t patch\nSUSE-SLE-SERVER-12-SP1-2016-1572=1\n\nSUSE Linux Enterprise Desktop 12-SP1:zypper in -t patch\nSUSE-SLE-DESKTOP-12-SP1-2016-1572=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ImageMagick\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ImageMagick-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ImageMagick-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libMagick++-6_Q16\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libMagick++-6_Q16-3-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libMagickCore-6_Q16\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libMagickCore-6_Q16-1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libMagickCore-6_Q16-1-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libMagickWand-6_Q16\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libMagickWand-6_Q16-1-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/01/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/10/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/10/31\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED12|SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED12 / SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP1\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED12\" && (! preg(pattern:\"^(1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED12 SP1\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"ImageMagick-debuginfo-6.8.8.1-40.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"ImageMagick-debugsource-6.8.8.1-40.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libMagickCore-6_Q16-1-6.8.8.1-40.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libMagickCore-6_Q16-1-debuginfo-6.8.8.1-40.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libMagickWand-6_Q16-1-6.8.8.1-40.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libMagickWand-6_Q16-1-debuginfo-6.8.8.1-40.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"ImageMagick-6.8.8.1-40.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"ImageMagick-debuginfo-6.8.8.1-40.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"ImageMagick-debugsource-6.8.8.1-40.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"libMagick++-6_Q16-3-6.8.8.1-40.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"libMagick++-6_Q16-3-debuginfo-6.8.8.1-40.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"libMagickCore-6_Q16-1-32bit-6.8.8.1-40.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"libMagickCore-6_Q16-1-6.8.8.1-40.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"libMagickCore-6_Q16-1-debuginfo-32bit-6.8.8.1-40.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"libMagickCore-6_Q16-1-debuginfo-6.8.8.1-40.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"libMagickWand-6_Q16-1-6.8.8.1-40.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"libMagickWand-6_Q16-1-debuginfo-6.8.8.1-40.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ImageMagick\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-10-14T01:54:21", "description": "This update for ImageMagick fixes the following issues :\n\n - CVE-2016-8684: Mismatch between real filesize and header values (bsc#1005123)\n\n - CVE-2016-8683: Check that filesize is reasonable compared to the header value (bsc#1005127)\n\n - CVE-2016-8682: Stack-buffer read overflow while reading SCT header (bsc#1005125)\n\n - CVE-2016-8677: Memory allocation failure in AcquireQuantumPixels (bsc#1005328)\n\n - CVE-2016-7996, CVE-2016-7997: WPG Reader Issues (bsc#1003629)\n\n - CVE-2016-7800: 8BIM/8BIMW unsigned underflow leads to heap overflow (bsc#1002422)\n\n - CVE-2016-7799: Mogrify global buffer overflow (bsc#1002421)\n\n - CVE-2016-7540: Writing to RGF format aborts (bsc#1000394)\n\n - CVE-2016-7539: Potential DOS by not releasing memory (bsc#1000715)\n\n - CVE-2016-7538: SIGABRT for corrupted pdb file (bsc#1000712)\n\n - CVE-2016-7537: Out of bound access for corrupted pdb file (bsc#1000711)\n\n - CVE-2016-7536: SEGV reported in corrupted profile handling (bsc#1000710)\n\n - CVE-2016-7535: Out of bound access for corrupted psd file (bsc#1000709)\n\n - CVE-2016-7534: Out of bound access in generic decoder (bsc#1000708)\n\n - CVE-2016-7533: Wpg file out of bound for corrupted file (bsc#1000707)\n\n - CVE-2016-7532: Fix handling of corrupted psd file (bsc#1000706)\n\n - CVE-2016-7531: Pbd file out of bound access (bsc#1000704)\n\n - CVE-2016-7530: Out of bound in quantum handling (bsc#1000703)\n\n - CVE-2016-7529: Out of bound in quantum handling (bsc#1000399)\n\n - CVE-2016-7528: Out of bound access in xcf file coder (bsc#1000434)\n\n - CVE-2016-7527: Out of bound access in wpg file coder:\n (bsc#1000436)\n\n - CVE-2016-7525: Heap buffer overflow in psd file coder (bsc#1000701)\n\n - CVE-2016-7524: AddressSanitizer:heap-buffer-overflow READ of size 1 in meta.c:465 (bsc#1000700)\n\n - CVE-2016-7523: AddressSanitizer:heap-buffer-overflow READ of size 1 meta.c:496 (bsc#1000699)\n\n - CVE-2016-7522: Out of bound access for malformed psd file (bsc#1000698)\n\n - CVE-2016-7521: Heap buffer overflow in psd file handling (bsc#1000697)\n\n - CVE-2016-7520: Heap overflow in hdr file handling (bsc#1000696)\n\n - CVE-2016-7519: Out-of-bounds read in coders/rle.c (bsc#1000695)\n\n - CVE-2016-7518: Out-of-bounds read in coders/sun.c (bsc#1000694)\n\n - CVE-2016-7517: Out-of-bounds read in coders/pict.c (bsc#1000693)\n\n - CVE-2016-7516: Out of bounds problem in rle, pict, viff and sun files (bsc#1000692)\n\n - CVE-2016-7515: Rle file handling for corrupted file (bsc#1000689)\n\n - CVE-2016-7514: Out-of-bounds read in coders/psd.c (bsc#1000688)\n\n - CVE-2016-7513: Off-by-one error leading to segfault (bsc#1000686)\n\n - CVE-2016-7101: SGI Coder Out-Of-Bounds Read Vulnerability (bsc#1001221)\n\n - CVE-2016-6823: BMP Coder Out-Of-Bounds Write Vulnerability (bsc#1001066)\n\n - CVE-2015-8959: DOS due to corrupted DDS files (bsc#1000713)\n\n - CVE-2015-8958: Potential DOS in sun file handling due to malformed files (bsc#1000691)\n\n - CVE-2015-8957: Buffer overflow in sun file handling (bsc#1000690)\n\n - CVE-2014-9907: DOS due to corrupted DDS files (bsc#1000714)\n\n - Divide by zero in WriteTIFFImage (bsc#1002206)\n\n - Buffer overflows in SIXEL, PDB, MAP, and TIFF coders (bsc#1002209)", "cvss3": {}, "published": "2016-10-31T00:00:00", "type": "nessus", "title": "openSUSE Security Update : ImageMagick (openSUSE-2016-1242)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-9907", "CVE-2015-8957", "CVE-2015-8958", "CVE-2015-8959", "CVE-2016-6823", "CVE-2016-7101", "CVE-2016-7513", "CVE-2016-7514", "CVE-2016-7515", "CVE-2016-7516", "CVE-2016-7517", "CVE-2016-7518", "CVE-2016-7519", "CVE-2016-7520", "CVE-2016-7521", "CVE-2016-7522", "CVE-2016-7523", "CVE-2016-7524", "CVE-2016-7525", "CVE-2016-7527", "CVE-2016-7528", "CVE-2016-7529", "CVE-2016-7530", "CVE-2016-7531", "CVE-2016-7532", "CVE-2016-7533", "CVE-2016-7534", "CVE-2016-7535", "CVE-2016-7536", "CVE-2016-7537", "CVE-2016-7538", "CVE-2016-7539", "CVE-2016-7540", "CVE-2016-7799", "CVE-2016-7800", "CVE-2016-7996", "CVE-2016-7997", "CVE-2016-8677", "CVE-2016-8682", "CVE-2016-8683", "CVE-2016-8684"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:ImageMagick", "p-cpe:/a:novell:opensuse:ImageMagick-debuginfo", "p-cpe:/a:novell:opensuse:ImageMagick-debugsource", "p-cpe:/a:novell:opensuse:ImageMagick-devel", "p-cpe:/a:novell:opensuse:ImageMagick-devel-32bit", "p-cpe:/a:novell:opensuse:ImageMagick-extra", "p-cpe:/a:novell:opensuse:ImageMagick-extra-debuginfo", "p-cpe:/a:novell:opensuse:libmagick%2b%2b-6_q16-5", "p-cpe:/a:novell:opensuse:libmagick%2b%2b-6_q16-5-32bit", "p-cpe:/a:novell:opensuse:libmagick%2b%2b-6_q16-5-debuginfo", "p-cpe:/a:novell:opensuse:libmagick%2b%2b-6_q16-5-debuginfo-32bit", "p-cpe:/a:novell:opensuse:libmagick%2b%2b-devel", "p-cpe:/a:novell:opensuse:libmagick%2b%2b-devel-32bit", "p-cpe:/a:novell:opensuse:libMagickCore-6_Q16-2", "p-cpe:/a:novell:opensuse:libMagickCore-6_Q16-2-32bit", "p-cpe:/a:novell:opensuse:libMagickCore-6_Q16-2-debuginfo", "p-cpe:/a:novell:opensuse:libMagickCore-6_Q16-2-debuginfo-32bit", "p-cpe:/a:novell:opensuse:libMagickWand-6_Q16-2", "p-cpe:/a:novell:opensuse:libMagickWand-6_Q16-2-32bit", "p-cpe:/a:novell:opensuse:libMagickWand-6_Q16-2-debuginfo", "p-cpe:/a:novell:opensuse:libMagickWand-6_Q16-2-debuginfo-32bit", "p-cpe:/a:novell:opensuse:perl-PerlMagick", "p-cpe:/a:novell:opensuse:perl-PerlMagick-debuginfo", "cpe:/o:novell:opensuse:13.2"], "id": "OPENSUSE-2016-1242.NASL", "href": "https://www.tenable.com/plugins/nessus/94425", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2016-1242.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(94425);\n script_version(\"2.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2014-9907\", \"CVE-2015-8957\", \"CVE-2015-8958\", \"CVE-2015-8959\", \"CVE-2016-6823\", \"CVE-2016-7101\", \"CVE-2016-7513\", \"CVE-2016-7514\", \"CVE-2016-7515\", \"CVE-2016-7516\", \"CVE-2016-7517\", \"CVE-2016-7518\", \"CVE-2016-7519\", \"CVE-2016-7520\", \"CVE-2016-7521\", \"CVE-2016-7522\", \"CVE-2016-7523\", \"CVE-2016-7524\", \"CVE-2016-7525\", \"CVE-2016-7527\", \"CVE-2016-7528\", \"CVE-2016-7529\", \"CVE-2016-7530\", \"CVE-2016-7531\", \"CVE-2016-7532\", \"CVE-2016-7533\", \"CVE-2016-7534\", \"CVE-2016-7535\", \"CVE-2016-7536\", \"CVE-2016-7537\", \"CVE-2016-7538\", \"CVE-2016-7539\", \"CVE-2016-7540\", \"CVE-2016-7799\", \"CVE-2016-7800\", \"CVE-2016-7996\", \"CVE-2016-7997\", \"CVE-2016-8677\", \"CVE-2016-8682\", \"CVE-2016-8683\", \"CVE-2016-8684\");\n\n script_name(english:\"openSUSE Security Update : ImageMagick (openSUSE-2016-1242)\");\n script_summary(english:\"Check for the openSUSE-2016-1242 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for ImageMagick fixes the following issues :\n\n - CVE-2016-8684: Mismatch between real filesize and header\n values (bsc#1005123)\n\n - CVE-2016-8683: Check that filesize is reasonable\n compared to the header value (bsc#1005127)\n\n - CVE-2016-8682: Stack-buffer read overflow while reading\n SCT header (bsc#1005125)\n\n - CVE-2016-8677: Memory allocation failure in\n AcquireQuantumPixels (bsc#1005328)\n\n - CVE-2016-7996, CVE-2016-7997: WPG Reader Issues\n (bsc#1003629)\n\n - CVE-2016-7800: 8BIM/8BIMW unsigned underflow leads to\n heap overflow (bsc#1002422)\n\n - CVE-2016-7799: Mogrify global buffer overflow\n (bsc#1002421)\n\n - CVE-2016-7540: Writing to RGF format aborts\n (bsc#1000394)\n\n - CVE-2016-7539: Potential DOS by not releasing memory\n (bsc#1000715)\n\n - CVE-2016-7538: SIGABRT for corrupted pdb file\n (bsc#1000712)\n\n - CVE-2016-7537: Out of bound access for corrupted pdb\n file (bsc#1000711)\n\n - CVE-2016-7536: SEGV reported in corrupted profile\n handling (bsc#1000710)\n\n - CVE-2016-7535: Out of bound access for corrupted psd\n file (bsc#1000709)\n\n - CVE-2016-7534: Out of bound access in generic decoder\n (bsc#1000708)\n\n - CVE-2016-7533: Wpg file out of bound for corrupted file\n (bsc#1000707)\n\n - CVE-2016-7532: Fix handling of corrupted psd file\n (bsc#1000706)\n\n - CVE-2016-7531: Pbd file out of bound access\n (bsc#1000704)\n\n - CVE-2016-7530: Out of bound in quantum handling\n (bsc#1000703)\n\n - CVE-2016-7529: Out of bound in quantum handling\n (bsc#1000399)\n\n - CVE-2016-7528: Out of bound access in xcf file coder\n (bsc#1000434)\n\n - CVE-2016-7527: Out of bound access in wpg file coder:\n (bsc#1000436)\n\n - CVE-2016-7525: Heap buffer overflow in psd file coder\n (bsc#1000701)\n\n - CVE-2016-7524: AddressSanitizer:heap-buffer-overflow\n READ of size 1 in meta.c:465 (bsc#1000700)\n\n - CVE-2016-7523: AddressSanitizer:heap-buffer-overflow\n READ of size 1 meta.c:496 (bsc#1000699)\n\n - CVE-2016-7522: Out of bound access for malformed psd\n file (bsc#1000698)\n\n - CVE-2016-7521: Heap buffer overflow in psd file handling\n (bsc#1000697)\n\n - CVE-2016-7520: Heap overflow in hdr file handling\n (bsc#1000696)\n\n - CVE-2016-7519: Out-of-bounds read in coders/rle.c\n (bsc#1000695)\n\n - CVE-2016-7518: Out-of-bounds read in coders/sun.c\n (bsc#1000694)\n\n - CVE-2016-7517: Out-of-bounds read in coders/pict.c\n (bsc#1000693)\n\n - CVE-2016-7516: Out of bounds problem in rle, pict, viff\n and sun files (bsc#1000692)\n\n - CVE-2016-7515: Rle file handling for corrupted file\n (bsc#1000689)\n\n - CVE-2016-7514: Out-of-bounds read in coders/psd.c\n (bsc#1000688)\n\n - CVE-2016-7513: Off-by-one error leading to segfault\n (bsc#1000686)\n\n - CVE-2016-7101: SGI Coder Out-Of-Bounds Read\n Vulnerability (bsc#1001221)\n\n - CVE-2016-6823: BMP Coder Out-Of-Bounds Write\n Vulnerability (bsc#1001066)\n\n - CVE-2015-8959: DOS due to corrupted DDS files\n (bsc#1000713)\n\n - CVE-2015-8958: Potential DOS in sun file handling due to\n malformed files (bsc#1000691)\n\n - CVE-2015-8957: Buffer overflow in sun file handling\n (bsc#1000690)\n\n - CVE-2014-9907: DOS due to corrupted DDS files\n (bsc#1000714)\n\n - Divide by zero in WriteTIFFImage (bsc#1002206)\n\n - Buffer overflows in SIXEL, PDB, MAP, and TIFF coders\n (bsc#1002209)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000394\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000399\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000434\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000436\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000686\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000688\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000689\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000690\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000691\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000692\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000693\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000694\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000695\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000696\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000697\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000698\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000699\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000700\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000701\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000703\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000704\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000706\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000707\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000708\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000709\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000710\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000711\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000712\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000713\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000714\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000715\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1001066\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1001221\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1002206\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1002209\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1002421\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1002422\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1003629\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1005123\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1005125\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1005127\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1005328\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected ImageMagick packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ImageMagick\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ImageMagick-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ImageMagick-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ImageMagick-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ImageMagick-devel-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ImageMagick-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ImageMagick-extra-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libMagick++-6_Q16-5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libMagick++-6_Q16-5-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libMagick++-6_Q16-5-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libMagick++-6_Q16-5-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libMagick++-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libMagick++-devel-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libMagickCore-6_Q16-2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libMagickCore-6_Q16-2-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libMagickCore-6_Q16-2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libMagickCore-6_Q16-2-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libMagickWand-6_Q16-2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libMagickWand-6_Q16-2-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libMagickWand-6_Q16-2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libMagickWand-6_Q16-2-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:perl-PerlMagick\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:perl-PerlMagick-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:13.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/10/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/10/31\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE13\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"13.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE13.2\", reference:\"ImageMagick-6.8.9.8-34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"ImageMagick-debuginfo-6.8.9.8-34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"ImageMagick-debugsource-6.8.9.8-34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"ImageMagick-devel-6.8.9.8-34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"ImageMagick-extra-6.8.9.8-34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"ImageMagick-extra-debuginfo-6.8.9.8-34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libMagick++-6_Q16-5-6.8.9.8-34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libMagick++-6_Q16-5-debuginfo-6.8.9.8-34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libMagick++-devel-6.8.9.8-34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libMagickCore-6_Q16-2-6.8.9.8-34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libMagickCore-6_Q16-2-debuginfo-6.8.9.8-34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libMagickWand-6_Q16-2-6.8.9.8-34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libMagickWand-6_Q16-2-debuginfo-6.8.9.8-34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"perl-PerlMagick-6.8.9.8-34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"perl-PerlMagick-debuginfo-6.8.9.8-34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"ImageMagick-devel-32bit-6.8.9.8-34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"libMagick++-6_Q16-5-32bit-6.8.9.8-34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"libMagick++-6_Q16-5-debuginfo-32bit-6.8.9.8-34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"libMagick++-devel-32bit-6.8.9.8-34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"libMagickCore-6_Q16-2-32bit-6.8.9.8-34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"libMagickCore-6_Q16-2-debuginfo-32bit-6.8.9.8-34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"libMagickWand-6_Q16-2-32bit-6.8.9.8-34.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"libMagickWand-6_Q16-2-debuginfo-32bit-6.8.9.8-34.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ImageMagick / ImageMagick-debuginfo / ImageMagick-debugsource / etc\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-10-14T01:52:38", "description": "This update for ImageMagick fixes the following issues: These vulnerabilities could be triggered by processing specially crafted image files, which could lead to a process crash or resource consumtion, or potentially have unspecified futher impact.\n\n - CVE-2016-8684: Mismatch between real filesize and header values (bsc#1005123)\n\n - CVE-2016-8683: Check that filesize is reasonable compared to the header value (bsc#1005127)\n\n - CVE-2016-8682: Stack-buffer read overflow while reading SCT header (bsc#1005125)\n\n - CVE-2016-8677: Memory allocation failure in AcquireQuantumPixels (bsc#1005328)\n\n - CVE-2016-7996, CVE-2016-7997: WPG Reader Issues (bsc#1003629)\n\n - CVE-2016-7800: 8BIM/8BIMW unsigned underflow leads to heap overflow (bsc#1002422)\n\n - CVE-2016-7799: mogrify global buffer overflow (bsc#1002421)\n\n - CVE-2016-7540: writing to RGF format aborts (bsc#1000394)\n\n - CVE-2016-7539: Potential DOS by not releasing memory (bsc#1000715)\n\n - CVE-2016-7538: SIGABRT for corrupted pdb file (bsc#1000712)\n\n - CVE-2016-7537: Out of bound access for corrupted pdb file (bsc#1000711)\n\n - CVE-2016-7535: Out of bound access for corrupted psd file (bsc#1000709)\n\n - CVE-2016-7534: Out of bound access in generic decoder (bsc#1000708)\n\n - CVE-2016-7533: Wpg file out of bound for corrupted file (bsc#1000707)\n\n - CVE-2016-7532: fix handling of corrupted psd file (bsc#1000706)\n\n - CVE-2016-7531: Pbd file out of bound access (bsc#1000704)\n\n - CVE-2016-7530: Out of bound in quantum handling (bsc#1000703)\n\n - CVE-2016-7529: Out-of-bound in quantum handling (bsc#1000399)\n\n - CVE-2016-7528: Out-of-bound access in xcf file coder (bsc#1000434)\n\n - CVE-2016-7527: Out-of-bound access in wpg file coder:\n (bsc#1000436)\n\n - CVE-2016-7526: out-of-bounds write in ./MagickCore/pixel-accessor.h (bsc#1000702)\n\n - CVE-2016-7525: Heap buffer overflow in psd file coder (bsc#1000701)\n\n - CVE-2016-7524: AddressSanitizer:heap-buffer-overflow READ of size 1 in meta.c:465 (bsc#1000700)\n\n - CVE-2016-7523: AddressSanitizer:heap-buffer-overflow READ of size 1 meta.c:496 (bsc#1000699)\n\n - CVE-2016-7522: Out of bound access for malformed psd file (bsc#1000698)\n\n - CVE-2016-7521: Heap buffer overflow in psd file handling (bsc#1000697)\n\n - CVE-2016-7520: Heap overflow in hdr file handling (bsc#1000696)\n\n - CVE-2016-7519: Out-of-bounds read in coders/rle.c (bsc#1000695)\n\n - CVE-2016-7518: Out-of-bounds read in coders/sun.c (bsc#1000694)\n\n - CVE-2016-7517: Out-of-bounds read in coders/pict.c (bsc#1000693)\n\n - CVE-2016-7516: Out-of-bounds problem in rle, pict, viff and sun files (bsc#1000692)\n\n - CVE-2016-7515: Rle file handling for corrupted file (bsc#1000689)\n\n - CVE-2016-7514: Out-of-bounds read in coders/psd.c (bsc#1000688)\n\n - CVE-2016-7513: Off-by-one error leading to segfault (bsc#1000686)\n\n - CVE-2016-7101: raphicsMagick: SGI Coder Out-Of-Bounds Read Vulnerability (bsc#1001221)\n\n - CVE-2016-6823: raphicsMagick: BMP Coder Out-Of-Bounds Write Vulnerability (bsc#1001066)\n\n - CVE-2015-8959: dOS due to corrupted DDS files (bsc#1000713)\n\n - CVE-2015-8958: Potential DOS in sun file handling due to malformed files (bsc#1000691)\n\n - CVE-2015-8957: Buffer overflow in sun file handling (bsc#1000690)\n\n - CVE-2014-9907: DOS due to corrupted DDS files (bsc#1000714)\n\n - Buffer overflows in SIXEL, PDB, MAP, and TIFF coders (bsc#1002209)\n\n - Divide by zero in WriteTIFFImage (bsc#1002206)\n\nThis update was imported from the SUSE:SLE-12:Update update project.", "cvss3": {}, "published": "2016-11-14T00:00:00", "type": "nessus", "title": "openSUSE Security Update : ImageMagick (openSUSE-2016-1282)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-9907", "CVE-2015-8957", "CVE-2015-8958", "CVE-2015-8959", "CVE-2016-6823", "CVE-2016-7101", "CVE-2016-7513", "CVE-2016-7514", "CVE-2016-7515", "CVE-2016-7516", "CVE-2016-7517", "CVE-2016-7518", "CVE-2016-7519", "CVE-2016-7520", "CVE-2016-7521", "CVE-2016-7522", "CVE-2016-7523", "CVE-2016-7524", "CVE-2016-7525", "CVE-2016-7526", "CVE-2016-7527", "CVE-2016-7528", "CVE-2016-7529", "CVE-2016-7530", "CVE-2016-7531", "CVE-2016-7532", "CVE-2016-7533", "CVE-2016-7534", "CVE-2016-7535", "CVE-2016-7537", "CVE-2016-7538", "CVE-2016-7539", "CVE-2016-7540", "CVE-2016-7799", "CVE-2016-7800", "CVE-2016-7996", "CVE-2016-7997", "CVE-2016-8677", "CVE-2016-8682", "CVE-2016-8683", "CVE-2016-8684"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:ImageMagick", "p-cpe:/a:novell:opensuse:ImageMagick-debuginfo", "p-cpe:/a:novell:opensuse:ImageMagick-debugsource", "p-cpe:/a:novell:opensuse:ImageMagick-devel", "p-cpe:/a:novell:opensuse:ImageMagick-devel-32bit", "p-cpe:/a:novell:opensuse:ImageMagick-extra", "p-cpe:/a:novell:opensuse:ImageMagick-extra-debuginfo", "p-cpe:/a:novell:opensuse:libmagick%2b%2b-6_q16-3", "p-cpe:/a:novell:opensuse:libmagick%2b%2b-6_q16-3-32bit", "p-cpe:/a:novell:opensuse:libmagick%2b%2b-6_q16-3-debuginfo", "p-cpe:/a:novell:opensuse:libmagick%2b%2b-6_q16-3-debuginfo-32bit", "p-cpe:/a:novell:opensuse:libmagick%2b%2b-devel", "p-cpe:/a:novell:opensuse:libmagick%2b%2b-devel-32bit", "p-cpe:/a:novell:opensuse:libMagickCore-6_Q16-1", "p-cpe:/a:novell:opensuse:libMagickCore-6_Q16-1-32bit", "p-cpe:/a:novell:opensuse:libMagickCore-6_Q16-1-debuginfo", "p-cpe:/a:novell:opensuse:libMagickCore-6_Q16-1-debuginfo-32bit", "p-cpe:/a:novell:opensuse:libMagickWand-6_Q16-1", "p-cpe:/a:novell:opensuse:libMagickWand-6_Q16-1-32bit", "p-cpe:/a:novell:opensuse:libMagickWand-6_Q16-1-debuginfo", "p-cpe:/a:novell:opensuse:libMagickWand-6_Q16-1-debuginfo-32bit", "p-cpe:/a:novell:opensuse:perl-PerlMagick", "p-cpe:/a:novell:opensuse:perl-PerlMagick-debuginfo", "cpe:/o:novell:opensuse:42.1"], "id": "OPENSUSE-2016-1282.NASL", "href": "https://www.tenable.com/plugins/nessus/94754", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2016-1282.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(94754);\n script_version(\"2.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2014-9907\", \"CVE-2015-8957\", \"CVE-2015-8958\", \"CVE-2015-8959\", \"CVE-2016-6823\", \"CVE-2016-7101\", \"CVE-2016-7513\", \"CVE-2016-7514\", \"CVE-2016-7515\", \"CVE-2016-7516\", \"CVE-2016-7517\", \"CVE-2016-7518\", \"CVE-2016-7519\", \"CVE-2016-7520\", \"CVE-2016-7521\", \"CVE-2016-7522\", \"CVE-2016-7523\", \"CVE-2016-7524\", \"CVE-2016-7525\", \"CVE-2016-7526\", \"CVE-2016-7527\", \"CVE-2016-7528\", \"CVE-2016-7529\", \"CVE-2016-7530\", \"CVE-2016-7531\", \"CVE-2016-7532\", \"CVE-2016-7533\", \"CVE-2016-7534\", \"CVE-2016-7535\", \"CVE-2016-7537\", \"CVE-2016-7538\", \"CVE-2016-7539\", \"CVE-2016-7540\", \"CVE-2016-7799\", \"CVE-2016-7800\", \"CVE-2016-7996\", \"CVE-2016-7997\", \"CVE-2016-8677\", \"CVE-2016-8682\", \"CVE-2016-8683\", \"CVE-2016-8684\");\n\n script_name(english:\"openSUSE Security Update : ImageMagick (openSUSE-2016-1282)\");\n script_summary(english:\"Check for the openSUSE-2016-1282 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for ImageMagick fixes the following issues: These\nvulnerabilities could be triggered by processing specially crafted\nimage files, which could lead to a process crash or resource\nconsumtion, or potentially have unspecified futher impact.\n\n - CVE-2016-8684: Mismatch between real filesize and header\n values (bsc#1005123)\n\n - CVE-2016-8683: Check that filesize is reasonable\n compared to the header value (bsc#1005127)\n\n - CVE-2016-8682: Stack-buffer read overflow while reading\n SCT header (bsc#1005125)\n\n - CVE-2016-8677: Memory allocation failure in\n AcquireQuantumPixels (bsc#1005328)\n\n - CVE-2016-7996, CVE-2016-7997: WPG Reader Issues\n (bsc#1003629)\n\n - CVE-2016-7800: 8BIM/8BIMW unsigned underflow leads to\n heap overflow (bsc#1002422)\n\n - CVE-2016-7799: mogrify global buffer overflow\n (bsc#1002421)\n\n - CVE-2016-7540: writing to RGF format aborts\n (bsc#1000394)\n\n - CVE-2016-7539: Potential DOS by not releasing memory\n (bsc#1000715)\n\n - CVE-2016-7538: SIGABRT for corrupted pdb file\n (bsc#1000712)\n\n - CVE-2016-7537: Out of bound access for corrupted pdb\n file (bsc#1000711)\n\n - CVE-2016-7535: Out of bound access for corrupted psd\n file (bsc#1000709)\n\n - CVE-2016-7534: Out of bound access in generic decoder\n (bsc#1000708)\n\n - CVE-2016-7533: Wpg file out of bound for corrupted file\n (bsc#1000707)\n\n - CVE-2016-7532: fix handling of corrupted psd file\n (bsc#1000706)\n\n - CVE-2016-7531: Pbd file out of bound access\n (bsc#1000704)\n\n - CVE-2016-7530: Out of bound in quantum handling\n (bsc#1000703)\n\n - CVE-2016-7529: Out-of-bound in quantum handling\n (bsc#1000399)\n\n - CVE-2016-7528: Out-of-bound access in xcf file coder\n (bsc#1000434)\n\n - CVE-2016-7527: Out-of-bound access in wpg file coder:\n (bsc#1000436)\n\n - CVE-2016-7526: out-of-bounds write in\n ./MagickCore/pixel-accessor.h (bsc#1000702)\n\n - CVE-2016-7525: Heap buffer overflow in psd file coder\n (bsc#1000701)\n\n - CVE-2016-7524: AddressSanitizer:heap-buffer-overflow\n READ of size 1 in meta.c:465 (bsc#1000700)\n\n - CVE-2016-7523: AddressSanitizer:heap-buffer-overflow\n READ of size 1 meta.c:496 (bsc#1000699)\n\n - CVE-2016-7522: Out of bound access for malformed psd\n file (bsc#1000698)\n\n - CVE-2016-7521: Heap buffer overflow in psd file handling\n (bsc#1000697)\n\n - CVE-2016-7520: Heap overflow in hdr file handling\n (bsc#1000696)\n\n - CVE-2016-7519: Out-of-bounds read in coders/rle.c\n (bsc#1000695)\n\n - CVE-2016-7518: Out-of-bounds read in coders/sun.c\n (bsc#1000694)\n\n - CVE-2016-7517: Out-of-bounds read in coders/pict.c\n (bsc#1000693)\n\n - CVE-2016-7516: Out-of-bounds problem in rle, pict, viff\n and sun files (bsc#1000692)\n\n - CVE-2016-7515: Rle file handling for corrupted file\n (bsc#1000689)\n\n - CVE-2016-7514: Out-of-bounds read in coders/psd.c\n (bsc#1000688)\n\n - CVE-2016-7513: Off-by-one error leading to segfault\n (bsc#1000686)\n\n - CVE-2016-7101: raphicsMagick: SGI Coder Out-Of-Bounds\n Read Vulnerability (bsc#1001221)\n\n - CVE-2016-6823: raphicsMagick: BMP Coder Out-Of-Bounds\n Write Vulnerability (bsc#1001066)\n\n - CVE-2015-8959: dOS due to corrupted DDS files\n (bsc#1000713)\n\n - CVE-2015-8958: Potential DOS in sun file handling due to\n malformed files (bsc#1000691)\n\n - CVE-2015-8957: Buffer overflow in sun file handling\n (bsc#1000690)\n\n - CVE-2014-9907: DOS due to corrupted DDS files\n (bsc#1000714)\n\n - Buffer overflows in SIXEL, PDB, MAP, and TIFF coders\n (bsc#1002209)\n\n - Divide by zero in WriteTIFFImage (bsc#1002206)\n\nThis update was imported from the SUSE:SLE-12:Update update project.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000394\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000399\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000434\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000436\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000686\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000688\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000689\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000690\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000691\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000692\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000693\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000694\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000695\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000696\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000697\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000698\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000699\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000700\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000701\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000702\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000703\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000704\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000706\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000707\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000708\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000709\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000711\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000712\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000713\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000714\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1000715\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1001066\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1001221\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1002206\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1002209\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1002421\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1002422\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1003629\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1005123\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1005125\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1005127\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1005328\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected ImageMagick packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ImageMagick\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ImageMagick-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ImageMagick-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ImageMagick-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ImageMagick-devel-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ImageMagick-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ImageMagick-extra-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libMagick++-6_Q16-3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libMagick++-6_Q16-3-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libMagick++-6_Q16-3-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libMagick++-6_Q16-3-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libMagick++-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libMagick++-devel-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libMagickCore-6_Q16-1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libMagickCore-6_Q16-1-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libMagickCore-6_Q16-1-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libMagickCore-6_Q16-1-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libMagickWand-6_Q16-1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libMagickWand-6_Q16-1-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libMagickWand-6_Q16-1-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libMagickWand-6_Q16-1-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:perl-PerlMagick\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:perl-PerlMagick-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:42.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/11/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/11/14\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE42\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"42.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE42.1\", reference:\"ImageMagick-6.8.8.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"ImageMagick-debuginfo-6.8.8.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"ImageMagick-debugsource-6.8.8.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"ImageMagick-devel-6.8.8.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"ImageMagick-extra-6.8.8.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"ImageMagick-extra-debuginfo-6.8.8.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libMagick++-6_Q16-3-6.8.8.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libMagick++-6_Q16-3-debuginfo-6.8.8.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libMagick++-devel-6.8.8.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libMagickCore-6_Q16-1-6.8.8.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libMagickCore-6_Q16-1-debuginfo-6.8.8.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libMagickWand-6_Q16-1-6.8.8.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"libMagickWand-6_Q16-1-debuginfo-6.8.8.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"perl-PerlMagick-6.8.8.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"perl-PerlMagick-debuginfo-6.8.8.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"ImageMagick-devel-32bit-6.8.8.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"libMagick++-6_Q16-3-32bit-6.8.8.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"libMagick++-6_Q16-3-debuginfo-32bit-6.8.8.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"libMagick++-devel-32bit-6.8.8.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"libMagickCore-6_Q16-1-32bit-6.8.8.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"libMagickCore-6_Q16-1-debuginfo-32bit-6.8.8.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"libMagickWand-6_Q16-1-32bit-6.8.8.1-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", cpu:\"x86_64\", reference:\"libMagickWand-6_Q16-1-debuginfo-32bit-6.8.8.1-21.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ImageMagick / ImageMagick-debuginfo / ImageMagick-debugsource / etc\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "amazon": [{"lastseen": "2023-02-08T17:17:08", "description": "**Issue Overview:**\n\nThe QuantumTransferMode function in coders/tiff.c in GraphicsMagick 1.3.25 and earlier allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a small samples per pixel value in a CMYKA TIFF file.(CVE-2017-6335)\n\nThe WPG format reader in GraphicsMagick 1.3.25 and earlier allows remote attackers to cause a denial of service (assertion failure and crash) via vectors related to a ReferenceBlob and a NULL pointer.(CVE-2016-7997)\n\nHeap-based buffer overflow in the WPG format reader in GraphicsMagick 1.3.25 and earlier allows remote attackers to have unspecified impact via a colormap with a large number of entries. (CVE-2016-7996 )\n\nThe MagickMalloc function in magick/memory.c in GraphicsMagick 1.3.25 allows remote attackers to have unspecified impact via a crafted image, which triggers a memory allocation failure and a \"file truncation error for corrupt file.\" (CVE-2016-8684)\n\nThe ReadSCTImage function in coders/sct.c in GraphicsMagick 1.3.25 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted SCT header. (CVE-2016-8682)\n\nThe ReadPCXImage function in coders/pcx.c in GraphicsMagick 1.3.25 allows remote attackers to have unspecified impact via a crafted image, which triggers a memory allocation failure and a \"file truncation error for corrupt file.\" (CVE-2016-8683)\n\nThe MagickRealloc function in memory.c in Graphicsmagick 1.3.25 allows remote attackers to cause a denial of service (crash) via large dimensions in a jpeg image. (CVE-2016-9830)\n\nInteger underflow in the parse8BIM function in coders/meta.c in GraphicsMagick 1.3.25 and earlier allows remote attackers to cause a denial of service (application crash) via a crafted 8BIM chunk, which triggers a heap-based buffer overflow. (CVE-2016-7800 )\n\n \n**Affected Packages:** \n\n\nGraphicsMagick\n\n \n**Issue Correction:** \nRun _yum update GraphicsMagick_ to update your system. \n\n\n \n\n\n**New Packages:**\n \n \n i686: \n \u00a0\u00a0\u00a0 GraphicsMagick-c++-devel-1.3.25-6.10.amzn1.i686 \n \u00a0\u00a0\u00a0 GraphicsMagick-devel-1.3.25-6.10.amzn1.i686 \n \u00a0\u00a0\u00a0 GraphicsMagick-debuginfo-1.3.25-6.10.amzn1.i686 \n \u00a0\u00a0\u00a0 GraphicsMagick-perl-1.3.25-6.10.amzn1.i686 \n \u00a0\u00a0\u00a0 GraphicsMagick-1.3.25-6.10.amzn1.i686 \n \u00a0\u00a0\u00a0 GraphicsMagick-c++-1.3.25-6.10.amzn1.i686 \n \n noarch: \n \u00a0\u00a0\u00a0 GraphicsMagick-doc-1.3.25-6.10.amzn1.noarch \n \n src: \n \u00a0\u00a0\u00a0 GraphicsMagick-1.3.25-6.10.amzn1.src \n \n x86_64: \n \u00a0\u00a0\u00a0 GraphicsMagick-devel-1.3.25-6.10.amzn1.x86_64 \n \u00a0\u00a0\u00a0 GraphicsMagick-perl-1.3.25-6.10.amzn1.x86_64 \n \u00a0\u00a0\u00a0 GraphicsMagick-debuginfo-1.3.25-6.10.amzn1.x86_64 \n \u00a0\u00a0\u00a0 GraphicsMagick-1.3.25-6.10.amzn1.x86_64 \n \u00a0\u00a0\u00a0 GraphicsMagick-c++-devel-1.3.25-6.10.amzn1.x86_64 \n \u00a0\u00a0\u00a0 GraphicsMagick-c++-1.3.25-6.10.amzn1.x86_64 \n \n \n\n### Additional References\n\nRed Hat: [CVE-2016-7800](<https://access.redhat.com/security/cve/CVE-2016-7800>), [CVE-2016-7996](<https://access.redhat.com/security/cve/CVE-2016-7996>), [CVE-2016-7997](<https://access.redhat.com/security/cve/CVE-2016-7997>), [CVE-2016-8682](<https://access.redhat.com/security/cve/CVE-2016-8682>), [CVE-2016-8683](<https://access.redhat.com/security/cve/CVE-2016-8683>), [CVE-2016-8684](<https://access.redhat.com/security/cve/CVE-2016-8684>), [CVE-2016-9830](<https://access.redhat.com/security/cve/CVE-2016-9830>), [CVE-2017-6335](<https://access.redhat.com/security/cve/CVE-2017-6335>)\n\nMitre: [CVE-2016-7800](<https://vulners.com/cve/CVE-2016-7800>), [CVE-2016-7996](<https://vulners.com/cve/CVE-2016-7996>), [CVE-2016-7997](<https://vulners.com/cve/CVE-2016-7997>), [CVE-2016-8682](<https://vulners.com/cve/CVE-2016-8682>), [CVE-2016-8683](<https://vulners.com/cve/CVE-2016-8683>), [CVE-2016-8684](<https://vulners.com/cve/CVE-2016-8684>), [CVE-2016-9830](<https://vulners.com/cve/CVE-2016-9830>), [CVE-2017-6335](<https://vulners.com/cve/CVE-2017-6335>)\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-04-20T06:08:00", "type": "amazon", "title": "Medium: GraphicsMagick", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-7800", "CVE-2016-7996", "CVE-2016-7997", "CVE-2016-8682", "CVE-2016-8683", "CVE-2016-8684", "CVE-2016-9830", "CVE-2017-6335"], "modified": "2017-04-20T21:54:00", "id": "ALAS-2017-820", "href": "https://alas.aws.amazon.com/ALAS-2017-820.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "freebsd": [{"lastseen": "2022-01-19T15:51:31", "description": "\n\nGraphicsMagick reports:\n\nMultiple vulnerabilities have been found in GraphicsMagick 1.3.26\n\t or earlier. Please refer to the CVE list for details.\n\n\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-07-04T00:00:00", "type": "freebsd", "title": "GraphicsMagick -- multiple vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-7800", "CVE-2016-7996", "CVE-2016-7997", "CVE-2016-9830", "CVE-2017-10794", "CVE-2017-10799", "CVE-2017-10800", "CVE-2017-6335", "CVE-2017-8350"], "modified": "2017-07-04T00:00:00", "id": "25F73C47-68A8-4A30-9CBC-1CA5EEA4D6BA", "href": "https://vuxml.freebsd.org/freebsd/25f73c47-68a8-4a30-9cbc-1ca5eea4d6ba.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "ubuntucve": [{"lastseen": "2022-08-04T14:06:11", "description": "The WPG format reader in GraphicsMagick 1.3.25 and earlier allows remote\nattackers to cause a denial of service (assertion failure and crash) via\nvectors related to a ReferenceBlob and a NULL pointer.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2017-01-18T00:00:00", "type": "ubuntucve", "title": "CVE-2016-7997", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-7997"], "modified": "2017-01-18T00:00:00", "id": "UB:CVE-2016-7997", "href": "https://ubuntu.com/security/CVE-2016-7997", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-08-04T14:06:16", "description": "Heap-based buffer overflow in the WPG format reader in GraphicsMagick\n1.3.25 and earlier allows remote attackers to have unspecified impact via a\ncolormap with a large number of entries.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-01-18T00:00:00", "type": "ubuntucve", "title": "CVE-2016-7996", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-7996"], "modified": "2017-01-18T00:00:00", "id": "UB:CVE-2016-7996", "href": "https://ubuntu.com/security/CVE-2016-7996", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-08-04T14:05:25", "description": "Integer underflow in the parse8BIM function in coders/meta.c in\nGraphicsMagick 1.3.25 and earlier allows remote attackers to cause a denial\nof service (application crash) via a crafted 8BIM chunk, which triggers a\nheap-based buffer overflow.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2017-02-06T00:00:00", "type": "ubuntucve", "title": "CVE-2016-7800", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-7800"], "modified": "2017-02-06T00:00:00", "id": "UB:CVE-2016-7800", "href": "https://ubuntu.com/security/CVE-2016-7800", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "debiancve": [{"lastseen": "2023-01-21T06:08:35", "description": "The WPG format reader in GraphicsMagick 1.3.25 and earlier allows remote attackers to cause a denial of service (assertion failure and crash) via vectors related to a ReferenceBlob and a NULL pointer.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2017-01-18T17:59:00", "type": "debiancve", "title": "CVE-2016-7997", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-7997"], "modified": "2017-01-18T17:59:00", "id": "DEBIANCVE:CVE-2016-7997", "href": "https://security-tracker.debian.org/tracker/CVE-2016-7997", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-21T06:08:35", "description": "Heap-based buffer overflow in the WPG format reader in GraphicsMagick 1.3.25 and earlier allows remote attackers to have unspecified impact via a colormap with a large number of entries.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-01-18T17:59:00", "type": "debiancve", "title": "CVE-2016-7996", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-7996"], "modified": "2017-01-18T17:59:00", "id": "DEBIANCVE:CVE-2016-7996", "href": "https://security-tracker.debian.org/tracker/CVE-2016-7996", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-21T06:08:35", "description": "Integer underflow in the parse8BIM function in coders/meta.c in GraphicsMagick 1.3.25 and earlier allows remote attackers to cause a denial of service (application crash) via a crafted 8BIM chunk, which triggers a heap-based buffer overflow.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2017-02-06T17:59:00", "type": "debiancve", "title": "CVE-2016-7800", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-7800"], "modified": "2017-02-06T17:59:00", "id": "DEBIANCVE:CVE-2016-7800", "href": "https://security-tracker.debian.org/tracker/CVE-2016-7800", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "cve": [{"lastseen": "2023-02-09T14:19:38", "description": "The WPG format reader in GraphicsMagick 1.3.25 and earlier allows remote attackers to cause a denial of service (assertion failure and crash) via vectors related to a ReferenceBlob and a NULL pointer.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2017-01-18T17:59:00", "type": "cve", "title": "CVE-2016-7997", "cwe": ["CWE-476"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-7997"], "modified": "2017-11-04T01:29:00", "cpe": ["cpe:/a:graphicsmagick:graphicsmagick:1.3.25"], "id": "CVE-2016-7997", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7997", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:graphicsmagick:graphicsmagick:1.3.25:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:19:38", "description": "Heap-based buffer overflow in the WPG format reader in GraphicsMagick 1.3.25 and earlier allows remote attackers to have unspecified impact via a colormap with a large number of entries.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-01-18T17:59:00", "type": "cve", "title": "CVE-2016-7996", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-7996"], "modified": "2017-11-04T01:29:00", "cpe": ["cpe:/a:graphicsmagick:graphicsmagick:1.3.25"], "id": "CVE-2016-7996", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7996", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:graphicsmagick:graphicsmagick:1.3.25:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:19:13", "description": "Integer underflow in the parse8BIM function in coders/meta.c in GraphicsMagick 1.3.25 and earlier allows remote attackers to cause a denial of service (application crash) via a crafted 8BIM chunk, which triggers a heap-based buffer overflow.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2017-02-06T17:59:00", "type": "cve", "title": "CVE-2016-7800", "cwe": ["CWE-191", "CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-7800"], "modified": "2019-04-12T19:46:00", "cpe": ["cpe:/o:opensuse:leap:42.1", "cpe:/o:opensuse:opensuse:13.2", "cpe:/a:graphicsmagick:graphicsmagick:1.3.25", "cpe:/o:debian:debian_linux:8.0"], "id": "CVE-2016-7800", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7800", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "cpe:2.3:a:graphicsmagick:graphicsmagick:1.3.25:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*"]}], "debian": [{"lastseen": "2021-10-23T21:48:11", "description": "Package : graphicsmagick\nVersion : 1.3.16-1.1+deb7u5\nCVE ID : CVE-2016-7448 CVE-2016-7996 CVE-2016-7997 CVE-2016-8682 \n CVE-2016-8683 CVE-2016-8684\n\nSeveral vulnerabilities have been found in the graphicsmagick package\nthat may lead to denial of service through failed assertions, CPU or\nmemory usage. Some vulnerabilities may also lead to code execution but\nno exploit is currently known.\n\nCVE-2016-7448\n\n Utah RLE: Reject truncated/absurd files which caused huge memory\n allocations and/or consumed huge CPU \n\nCVE-2016-7996\n\n missing check that the provided colormap is not larger than 256\n entries resulting in potential heap overflow\n\nCVE-2016-7997\n\n denial of service via a crash due to an assertion\n\nCVE-2016-8682\n\n stack-based buffer overflow in ReadSCTImage (sct.c)\n\nCVE-2016-8683\n\n memory allocation failure in ReadPCXImage (pcx.c)\n\nCVE-2016-8684\n\n memory allocation failure in MagickMalloc (memory.c)\n\nFor Debian 7 "Wheezy", these problems have been fixed in version\n1.3.16-1.1+deb7u5.\n\nWe recommend that you upgrade your graphicsmagick packages.\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS\nAttachment:\nsignature.asc\nDescription: Digital signature\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2016-10-26T22:34:15", "type": "debian", "title": "[SECURITY] [DLA 683-1] graphicsmagick security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-7448", "CVE-2016-7996", "CVE-2016-7997", "CVE-2016-8682", "CVE-2016-8683", "CVE-2016-8684"], "modified": "2016-10-26T22:34:15", "id": "DEBIAN:DLA-683-1:B3C9A", "href": "https://lists.debian.org/debian-lts-announce/2016/10/msg00038.html", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-02-24T12:26:38", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-3746-1 security@debian.org\nhttps://www.debian.org/security/ Luciano Bello\nDecember 24, 2016 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : graphicsmagick\nCVE ID : CVE-2015-8808 CVE-2016-2317 CVE-2016-2318 CVE-2016-3714\n CVE-2016-3715 CVE-2016-5118 CVE-2016-5240 CVE-2016-7800\n CVE-2016-7996 CVE-2016-7997 CVE-2016-8682 CVE-2016-8683\n CVE-2016-8684 CVE-2016-9830\nDebian Bug : 814732 825800 847055\n\nSeveral vulnerabilities have been discovered in GraphicsMagick, a\ncollection of image processing tool, which can cause denial of service\nattacks, remote file deletion, and remote command execution.\n\nThis security update removes the full support of PLT/Gnuplot decoder to\nprevent Gnuplot-shell based shell exploits for fixing the CVE-2016-3714\nvulnerability.\n\nThe undocumented "TMP" magick prefix no longer removes the argument file\nafter it has been read for fixing the CVE-2016-3715 vulnerability. Since\nthe "TMP" feature was originally implemented, GraphicsMagick added a\ntemporary file management subsystem which assures that temporary files\nare removed so this feature is not needed.\n\nRemove support for reading input from a shell command, or writing output\nto a shell command, by prefixing the specified filename (containing the\ncommand) with a '|' for fixing the CVE-2016-5118 vulnerability.\n\nCVE-2015-8808\n\n Gustavo Grieco discovered an out of bound read in the parsing of GIF\n files which may cause denial of service.\n\nCVE-2016-2317\n\n Gustavo Grieco discovered a stack buffer overflow and two heap buffer\n overflows while processing SVG images which may cause denial of service.\n\nCVE-2016-2318\n\n Gustavo Grieco discovered several segmentation faults while processing\n SVG images which may cause denial of service.\n\nCVE-2016-5240\n\n Gustavo Grieco discovered an endless loop problem caused by negative\n stroke-dasharray arguments while parsing SVG files which may cause\n denial of service.\n\nCVE-2016-7800\n\n Marco Grassi discovered an unsigned underflow leading to heap overflow\n when parsing 8BIM chunk often attached to JPG files which may cause\n denial of service.\n\nCVE-2016-7996\n\n Moshe Kaplan discovered that there is no check that the provided\n colormap is not larger than 256 entries in the WPG reader which may\n cause denial of service.\n\nCVE-2016-7997\n\n Moshe Kaplan discovered that an assertion is thrown for some files in\n the WPG reader due to a logic error which may cause denial of service.\n\nCVE-2016-8682\n\n Agostino Sarubbo of Gentoo discovered a stack buffer read overflow\n while reading the SCT header which may cause denial of service.\n\nCVE-2016-8683\n\n Agostino Sarubbo of Gentoo discovered a memory allocation failure in the\n PCX coder which may cause denial of service.\n\nCVE-2016-8684\n\n Agostino Sarubbo of Gentoo discovered a memory allocation failure in the\n SGI coder which may cause denial of service.\n\nCVE-2016-9830\n\n Agostino Sarubbo of Gentoo discovered a memory allocation failure in\n MagickRealloc() function which may cause denial of service.\n\nFor the stable distribution (jessie), these problems have been fixed in\nversion 1.3.20-3+deb8u2.\n\nFor the testing distribution (stretch), these problems (with the\nexception of CVE-2016-9830) have been fixed in version 1.3.25-5.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 1.3.25-6.\n\nWe recommend that you upgrade your graphicsmagick packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2016-12-24T22:03:28", "type": "debian", "title": "[SECURITY] [DSA 3746-1] graphicsmagick security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-8808", "CVE-2016-2317", "CVE-2016-2318", "CVE-2016-3714", "CVE-2016-3715", "CVE-2016-5118", "CVE-2016-5240", "CVE-2016-7800", "CVE-2016-7996", "CVE-2016-7997", "CVE-2016-8682", "CVE-2016-8683", "CVE-2016-8684", "CVE-2016-9830"], "modified": "2016-12-24T22:03:28", "id": "DEBIAN:DSA-3746-1:A9B4D", "href": "https://lists.debian.org/debian-security-announce/2016/msg00330.html", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-10-21T22:09:51", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-3746-1 security@debian.org\nhttps://www.debian.org/security/ Luciano Bello\nDecember 24, 2016 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : graphicsmagick\nCVE ID : CVE-2015-8808 CVE-2016-2317 CVE-2016-2318 CVE-2016-3714\n CVE-2016-3715 CVE-2016-5118 CVE-2016-5240 CVE-2016-7800\n CVE-2016-7996 CVE-2016-7997 CVE-2016-8682 CVE-2016-8683\n CVE-2016-8684 CVE-2016-9830\nDebian Bug : 814732 825800 847055\n\nSeveral vulnerabilities have been discovered in GraphicsMagick, a\ncollection of image processing tool, which can cause denial of service\nattacks, remote file deletion, and remote command execution.\n\nThis security update removes the full support of PLT/Gnuplot decoder to\nprevent Gnuplot-shell based shell exploits for fixing the CVE-2016-3714\nvulnerability.\n\nThe undocumented "TMP" magick prefix no longer removes the argument file\nafter it has been read for fixing the CVE-2016-3715 vulnerability. Since\nthe "TMP" feature was originally implemented, GraphicsMagick added a\ntemporary file management subsystem which assures that temporary files\nare removed so this feature is not needed.\n\nRemove support for reading input from a shell command, or writing output\nto a shell command, by prefixing the specified filename (containing the\ncommand) with a '|' for fixing the CVE-2016-5118 vulnerability.\n\nCVE-2015-8808\n\n Gustavo Grieco discovered an out of bound read in the parsing of GIF\n files which may cause denial of service.\n\nCVE-2016-2317\n\n Gustavo Grieco discovered a stack buffer overflow and two heap buffer\n overflows while processing SVG images which may cause denial of service.\n\nCVE-2016-2318\n\n Gustavo Grieco discovered several segmentation faults while processing\n SVG images which may cause denial of service.\n\nCVE-2016-5240\n\n Gustavo Grieco discovered an endless loop problem caused by negative\n stroke-dasharray arguments while parsing SVG files which may cause\n denial of service.\n\nCVE-2016-7800\n\n Marco Grassi discovered an unsigned underflow leading to heap overflow\n when parsing 8BIM chunk often attached to JPG files which may cause\n denial of service.\n\nCVE-2016-7996\n\n Moshe Kaplan discovered that there is no check that the provided\n colormap is not larger than 256 entries in the WPG reader which may\n cause denial of service.\n\nCVE-2016-7997\n\n Moshe Kaplan discovered that an assertion is thrown for some files in\n the WPG reader due to a logic error which may cause denial of service.\n\nCVE-2016-8682\n\n Agostino Sarubbo of Gentoo discovered a stack buffer read overflow\n while reading the SCT header which may cause denial of service.\n\nCVE-2016-8683\n\n Agostino Sarubbo of Gentoo discovered a memory allocation failure in the\n PCX coder which may cause denial of service.\n\nCVE-2016-8684\n\n Agostino Sarubbo of Gentoo discovered a memory allocation failure in the\n SGI coder which may cause denial of service.\n\nCVE-2016-9830\n\n Agostino Sarubbo of Gentoo discovered a memory allocation failure in\n MagickRealloc() function which may cause denial of service.\n\nFor the stable distribution (jessie), these problems have been fixed in\nversion 1.3.20-3+deb8u2.\n\nFor the testing distribution (stretch), these problems (with the\nexception of CVE-2016-9830) have been fixed in version 1.3.25-5.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 1.3.25-6.\n\nWe recommend that you upgrade your graphicsmagick packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2016-12-24T22:03:28", "type": "debian", "title": "[SECURITY] [DSA 3746-1] graphicsmagick security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-8808", "CVE-2016-2317", "CVE-2016-2318", "CVE-2016-3714", "CVE-2016-3715", "CVE-2016-5118", "CVE-2016-5240", "CVE-2016-7800", "CVE-2016-7996", "CVE-2016-7997", "CVE-2016-8682", "CVE-2016-8683", "CVE-2016-8684", "CVE-2016-9830"], "modified": "2016-12-24T22:03:28", "id": "DEBIAN:DSA-3746-1:7E756", "href": "https://lists.debian.org/debian-security-announce/2016/msg00330.html", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-12-06T04:24:12", "description": "Package : graphicsmagick\nVersion : 1.3.16-1.1+deb7u4\nCVE ID : CVE-2016-7446 CVE-2016-7447 CVE-2016-7449 CVE-2016-7800\nDebian Bug : \n\n\nVarious security issues were found and fixed in graphicsmagick in Debian\nwheezy LTS.\n\nCVE-2016-7446\n\n Heap buffer overflow issue in MVG/SVG rendering.\n\nCVE-2016-7447\n\n Heap overflow of the EscapeParenthesis() function\n\nCVE-2016-7449\n\n TIFF related problems due to use of strlcpy use.\n\nCVE-2016-7800\n\n Fix unsigned underflow leading to heap overflow when\n parsing 8BIM chunk.\n\nFor Debian 7 "Wheezy", these problems have been fixed in version\n1.3.16-1.1+deb7u4.\n\nWe recommend that you upgrade your graphicsmagick packages.\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS\n\n- -- \nBrian May <bam@debian.org>", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2016-10-11T06:40:00", "type": "debian", "title": "[SECURITY] [DLA 651-1] graphicsmagick security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-7446", "CVE-2016-7447", "CVE-2016-7449", "CVE-2016-7800"], "modified": "2016-10-11T06:40:00", "id": "DEBIAN:DLA-651-1:36F8B", "href": "https://lists.debian.org/debian-lts-announce/2016/10/msg00007.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "osv": [{"lastseen": "2022-08-05T05:19:47", "description": "\nSeveral vulnerabilities have been found in the graphicsmagick package\nthat may lead to denial of service through failed assertions, CPU or\nmemory usage. Some vulnerabilities may also lead to code execution but\nno exploit is currently known.\n\n\n* [CVE-2016-7448](https://security-tracker.debian.org/tracker/CVE-2016-7448)\nUtah RLE: Reject truncated/absurd files which caused huge memory\n allocations and/or consumed huge CPU\n* [CVE-2016-7996](https://security-tracker.debian.org/tracker/CVE-2016-7996)\nmissing check that the provided colormap is not larger than 256\n entries resulting in potential heap overflow\n* [CVE-2016-7997](https://security-tracker.debian.org/tracker/CVE-2016-7997)\ndenial of service via a crash due to an assertion\n* [CVE-2016-8682](https://security-tracker.debian.org/tracker/CVE-2016-8682)\nstack-based buffer overflow in ReadSCTImage (sct.c)\n* [CVE-2016-8683](https://security-tracker.debian.org/tracker/CVE-2016-8683)\nmemory allocation failure in ReadPCXImage (pcx.c)\n* [CVE-2016-8684](https://security-tracker.debian.org/tracker/CVE-2016-8684)\nmemory allocation failure in MagickMalloc (memory.c)\n\n\nFor Debian 7 Wheezy, these problems have been fixed in version\n1.3.16-1.1+deb7u5.\n\n\nWe recommend that you upgrade your graphicsmagick packages.\n\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: <https://wiki.debian.org/LTS>\n\n\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2016-10-26T00:00:00", "type": "osv", "title": "graphicsmagick - security update", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-8683", "CVE-2016-7997", "CVE-2016-7996", "CVE-2016-8684", "CVE-2016-7448", "CVE-2016-8682"], "modified": "2022-08-05T05:19:45", "id": "OSV:DLA-683-1", "href": "https://osv.dev/vulnerability/DLA-683-1", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2022-08-10T07:11:17", "description": "\nSeveral vulnerabilities have been discovered in GraphicsMagick, a\ncollection of image processing tool, which can cause denial of service\nattacks, remote file deletion, and remote command execution.\n\n\nThis security update removes the full support of PLT/Gnuplot decoder to\nprevent Gnuplot-shell based shell exploits for fixing the\n[CVE-2016-3714](https://security-tracker.debian.org/tracker/CVE-2016-3714)\nvulnerability.\n\n\nThe undocumented TMP magick prefix no longer removes the argument file\nafter it has been read for fixing the\n[CVE-2016-3715](https://security-tracker.debian.org/tracker/CVE-2016-3715)\nvulnerability. Since the TMP feature was originally implemented,\nGraphicsMagick added a temporary file management subsystem which assures\nthat temporary files are removed so this feature is not needed.\n\n\nRemove support for reading input from a shell command, or writing output\nto a shell command, by prefixing the specified filename (containing the\ncommand) with a '|' for fixing the\n[CVE-2016-5118](https://security-tracker.debian.org/tracker/CVE-2016-5118)\nvulnerability.\n\n\n* [CVE-2015-8808](https://security-tracker.debian.org/tracker/CVE-2015-8808)\nGustavo Grieco discovered an out of bound read in the parsing of GIF\n files which may cause denial of service.\n* [CVE-2016-2317](https://security-tracker.debian.org/tracker/CVE-2016-2317)\nGustavo Grieco discovered a stack buffer overflow and two heap buffer\n overflows while processing SVG images which may cause denial of service.\n* [CVE-2016-2318](https://security-tracker.debian.org/tracker/CVE-2016-2318)\nGustavo Grieco discovered several segmentation faults while processing\n SVG images which may cause denial of service.\n* [CVE-2016-5240](https://security-tracker.debian.org/tracker/CVE-2016-5240)\nGustavo Grieco discovered an endless loop problem caused by negative\n stroke-dasharray arguments while parsing SVG files which may cause\n denial of service.\n* [CVE-2016-7800](https://security-tracker.debian.org/tracker/CVE-2016-7800)\nMarco Grassi discovered an unsigned underflow leading to heap overflow\n when parsing 8BIM chunk often attached to JPG files which may cause\n denial of service.\n* [CVE-2016-7996](https://security-tracker.debian.org/tracker/CVE-2016-7996)\nMoshe Kaplan discovered that there is no check that the provided\n colormap is not larger than 256 entries in the WPG reader which may\n cause denial of service.\n* [CVE-2016-7997](https://security-tracker.debian.org/tracker/CVE-2016-7997)\nMoshe Kaplan discovered that an assertion is thrown for some files in\n the WPG reader due to a logic error which may cause denial of service.\n* [CVE-2016-8682](https://security-tracker.debian.org/tracker/CVE-2016-8682)\nAgostino Sarubbo of Gentoo discovered a stack buffer read overflow\n while reading the SCT header which may cause denial of service.\n* [CVE-2016-8683](https://security-tracker.debian.org/tracker/CVE-2016-8683)\nAgostino Sarubbo of Gentoo discovered a memory allocation failure in the\n PCX coder which may cause denial of service.\n* [CVE-2016-8684](https://security-tracker.debian.org/tracker/CVE-2016-8684)\nAgostino Sarubbo of Gentoo discovered a memory allocation failure in the\n SGI coder which may cause denial of service.\n* [CVE-2016-9830](https://security-tracker.debian.org/tracker/CVE-2016-9830)\nAgostino Sarubbo of Gentoo discovered a memory allocation failure in\n MagickRealloc() function which may cause denial of service.\n\n\nFor the stable distribution (jessie), these problems have been fixed in\nversion 1.3.20-3+deb8u2.\n\n\nFor the testing distribution (stretch), these problems (with the\nexception of [CVE-2016-9830](https://security-tracker.debian.org/tracker/CVE-2016-9830)) have been fixed in version 1.3.25-5.\n\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 1.3.25-6.\n\n\nWe recommend that you upgrade your graphicsmagick packages.\n\n\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2016-12-24T00:00:00", "type": "osv", "title": "graphicsmagick - security update", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-3715", "CVE-2016-8683", "CVE-2016-2317", "CVE-2016-7997", "CVE-2016-7996", "CVE-2016-3714", "CVE-2016-9830", "CVE-2016-8684", "CVE-2015-8808", "CVE-2016-7800", "CVE-2016-5240", "CVE-2016-2318", "CVE-2016-8682", "CVE-2016-5118"], "modified": "2022-08-10T07:11:11", "id": "OSV:DSA-3746-1", "href": "https://osv.dev/vulnerability/DSA-3746-1", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-08-05T05:19:46", "description": "\nVarious security issues were found and fixed in graphicsmagick in Debian\nwheezy LTS.\n\n\n* [CVE-2016-7446](https://security-tracker.debian.org/tracker/CVE-2016-7446)\nHeap buffer overflow issue in MVG/SVG rendering.\n* [CVE-2016-7447](https://security-tracker.debian.org/tracker/CVE-2016-7447)\nHeap overflow of the EscapeParenthesis() function\n* [CVE-2016-7449](https://security-tracker.debian.org/tracker/CVE-2016-7449)\nTIFF related problems due to use of strlcpy use.\n* [CVE-2016-7800](https://security-tracker.debian.org/tracker/CVE-2016-7800)\nFix unsigned underflow leading to heap overflow when\n parsing 8BIM chunk.\n\n\nFor Debian 7 Wheezy, these problems have been fixed in version\n1.3.16-1.1+deb7u4.\n\n\nWe recommend that you upgrade your graphicsmagick packages.\n\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: <https://wiki.debian.org/LTS>\n\n\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2016-10-11T00:00:00", "type": "osv", "title": "graphicsmagick - security update", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-7447", "CVE-2016-7800", "CVE-2016-7446", "CVE-2016-7449"], "modified": "2022-08-05T05:19:44", "id": "OSV:DLA-651-1", "href": "https://osv.dev/vulnerability/DLA-651-1", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "mageia": [{"lastseen": "2022-04-18T11:19:34", "description": "New stable upstream release including security fixes for CVE-2016-7800, CVE-2016-7996, CVE-2016-7997, CVE-2016-8682, CVE-2016-8683, CVE-2016-8684, CVE-2016-9830, CVE-2017-6335, CVE-2017-8350, CVE-2017-10794, CVE-2017-10799, CVE-2017-10800, CVE-2017-11403 and possibly several other security issues with and without associated CVE number. \n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-07-30T15:58:51", "type": "mageia", "title": "Updated graphicsmagick packages fix security vulnerabilities\n", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-7800", "CVE-2016-7996", "CVE-2016-7997", "CVE-2016-8682", "CVE-2016-8683", "CVE-2016-8684", "CVE-2016-9830", "CVE-2017-10794", "CVE-2017-10799", "CVE-2017-10800", "CVE-2017-11403", "CVE-2017-6335", "CVE-2017-8350"], "modified": "2017-07-30T15:58:51", "id": "MGASA-2017-0229", "href": "https://advisories.mageia.org/MGASA-2017-0229.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "suse": [{"lastseen": "2021-06-08T18:38:47", "description": "This update for GraphicsMagick fixes the following issues:\n\n - a possible shell execution attack was fixed. if the first character of\n an input filename for 'convert' was a '|' then the remainder of the\n filename was passed to the shell (CVE-2016-5118, boo#982178)\n - Maliciously crafted pnm files could crash GraphicsMagick (CVE-2014-9805,\n [boo#983752])\n - Prevent overflow in rle files (CVE-2014-9846, boo#983521)\n - Fix a double free in pdb coder (CVE-2014-9807, boo#983794)\n - Fix a possible crash due to corrupted xwd images (CVE-2014-9809,\n boo#983799)\n - Fix a possible crash due to corrupted wpg images (CVE-2014-9815,\n boo#984372)\n - Fix a heap buffer overflow in pdb file handling (CVE-2014-9817,\n boo#984400)\n - Fix a heap overflow in xpm files (CVE-2014-9820, boo#984150)\n - Fix a heap overflow in pict files (CVE-2014-9834, boo#984436)\n - Fix a heap overflow in wpf files (CVE-2014-9835, CVE-2014-9831,\n boo#984145, boo#984375)\n - Additional PNM sanity checks (CVE-2014-9837, boo#984166)\n - Fix a possible crash due to corrupted dib file (CVE-2014-9845,\n boo#984394)\n - Fix out of bound in quantum handling (CVE-2016-7529, boo#1000399)\n - Fix out of bound access in xcf file coder (CVE-2016-7528, boo#1000434)\n - Fix handling of corrupted lle files (CVE-2016-7515, boo#1000689)\n - Fix out of bound access for malformed psd file (CVE-2016-7522,\n boo#1000698)\n - Fix out of bound access for pbd files (CVE-2016-7531, boo#1000704)\n - Fix out of bound access in corrupted wpg files (CVE-2016-7533,\n boo#1000707)\n - Fix out of bound access in corrupted pdb files (CVE-2016-7537,\n boo#1000711)\n - BMP Coder Out-Of-Bounds Write Vulnerability (CVE-2016-6823, boo#1001066)\n - SGI Coder Out-Of-Bounds Read Vulnerability (CVE-2016-7101, boo#1001221)\n - Divide by zero in WriteTIFFImage (do not divide by zero in\n WriteTIFFImage, boo#1002206)\n - Buffer overflows in SIXEL, PDB, MAP, and TIFF coders (fix buffer\n overflow, boo#1002209)\n - 8BIM/8BIMW unsigned underflow leads to heap overflow (CVE-2016-7800,\n boo#1002422)\n - wpg reader issues (CVE-2016-7996, CVE-2016-7997, boo#1003629)\n - Mismatch between real filesize and header values (CVE-2016-8684,\n boo#1005123)\n - Stack-buffer read overflow while reading SCT header (CVE-2016-8682,\n boo#1005125)\n - Check that filesize is reasonable compared to the header value\n (CVE-2016-8683, boo#1005127)\n - Memory allocation failure in AcquireMagickMemory (CVE-2016-8862,\n boo#1007245)\n - heap-based buffer overflow in IsPixelGray (CVE-2016-9556, boo#1011130)\n\n", "cvss3": {}, "published": "2016-12-08T18:09:17", "type": "suse", "title": "Security update for GraphicsMagick (important)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2014-9809", "CVE-2016-7529", "CVE-2014-9831", "CVE-2016-8683", "CVE-2014-9853", "CVE-2014-9807", "CVE-2016-7533", "CVE-2014-9817", "CVE-2014-9845", "CVE-2014-9834", "CVE-2016-7997", "CVE-2016-7996", "CVE-2016-7531", "CVE-2016-7515", "CVE-2016-6823", "CVE-2014-9820", "CVE-2016-9556", "CVE-2014-9837", "CVE-2014-9815", "CVE-2016-7528", "CVE-2014-9835", "CVE-2016-8862", "CVE-2014-9805", "CVE-2016-7522", "CVE-2016-8684", "CVE-2014-9846", "CVE-2016-7537", "CVE-2016-7800", "CVE-2016-7101", "CVE-2016-8682", "CVE-2016-5118"], "modified": "2016-12-08T18:09:17", "id": "OPENSUSE-SU-2016:3060-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00028.html", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2021-06-08T18:38:57", "description": "This update for ImageMagick fixes the following issues:\n\n These vulnerabilities could be triggered by processing specially crafted\n image files, which could lead to a process crash or resource consumtion,\n or potentially have unspecified futher impact.\n\n - CVE-2016-8862: Memory allocation failure in AcquireMagickMemory\n (bsc#1007245)\n - CVE-2014-9907: DOS due to corrupted DDS files (bsc#1000714)\n - CVE-2015-8959: DOS due to corrupted DDS files (bsc#1000713)\n - CVE-2016-7537: Out of bound access for corrupted pdb file (bsc#1000711)\n - CVE-2016-6823: BMP Coder Out-Of-Bounds Write Vulnerability (bsc#1001066)\n - CVE-2016-7514: Out-of-bounds read in coders/psd.c (bsc#1000688)\n - CVE-2016-7515: Rle file handling for corrupted file (bsc#1000689)\n - CVE-2016-7529: out of bound in quantum handling (bsc#1000399)\n - CVE-2016-7101: SGI Coder Out-Of-Bounds Read Vulnerability (bsc#1001221)\n - CVE-2016-7527: out of bound access in wpg file coder: (bsc#1000436)\n - CVE-2016-7996, CVE-2016-7997: WPG Reader Issues (bsc#1003629)\n - CVE-2016-7528: out of bound access in xcf file coder (bsc#1000434)\n - CVE-2016-8683: Check that filesize is reasonable compared to the header\n value (bsc#1005127)\n - CVE-2016-8682: Stack-buffer read overflow while reading SCT header\n (bsc#1005125)\n - CVE-2016-8684: Mismatch between real filesize and header values\n (bsc#1005123)\n - Buffer overflows in SIXEL, PDB, MAP, and TIFF coders (bsc#1002209)\n - CVE-2016-7525: Heap buffer overflow in psd file coder (bsc#1000701)\n - CVE-2016-7524: AddressSanitizer:heap-buffer-overflow READ of size 1 in\n meta.c:465 (bsc#1000700)\n - CVE-2016-7530: Out of bound in quantum handling (bsc#1000703)\n - CVE-2016-7531: Pbd file out of bound access (bsc#1000704)\n - CVE-2016-7533: Wpg file out of bound for corrupted file (bsc#1000707)\n - CVE-2016-7535: Out of bound access for corrupted psd file (bsc#1000709)\n - CVE-2016-7522: Out of bound access for malformed psd file (bsc#1000698)\n - CVE-2016-7517: out-of-bounds read in coders/pict.c (bsc#1000693)\n - CVE-2016-7516: Out of bounds problem in rle, pict, viff and sun files\n (bsc#1000692)\n - CVE-2015-8958: Potential DOS in sun file handling due to malformed files\n (bsc#1000691)\n - CVE-2015-8957: Buffer overflow in sun file handling (bsc#1000690)\n - CVE-2016-7519: out-of-bounds read in coders/rle.c (bsc#1000695)\n - CVE-2016-7518: out-of-bounds read in coders/sun.c (bsc#1000694)\n - CVE-2016-7800: 8BIM/8BIMW unsigned underflow leads to heap overflow\n (bsc#1002422)\n - CVE-2016-7523: AddressSanitizer:heap-buffer-overflow READ of size 1\n meta.c:496 (bsc#1000699)\n - CVE-2016-7799: mogrify global buffer overflow (bsc#1002421)\n\n", "cvss3": {}, "published": "2016-12-01T18:07:53", "type": "suse", "title": "Security update for ImageMagick (important)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2016-7519", "CVE-2016-7529", "CVE-2016-7799", "CVE-2016-7526", "CVE-2016-7523", "CVE-2016-7525", "CVE-2016-7527", "CVE-2016-7530", "CVE-2016-8683", "CVE-2016-7533", "CVE-2016-7535", "CVE-2016-7997", "CVE-2016-7996", "CVE-2016-7531", "CVE-2016-7515", "CVE-2016-6823", "CVE-2016-5687", "CVE-2016-7516", "CVE-2016-7517", "CVE-2015-8957", "CVE-2016-7528", "CVE-2016-8862", "CVE-2014-9907", "CVE-2016-7522", "CVE-2016-7514", "CVE-2016-7518", "CVE-2016-8684", "CVE-2016-7537", "CVE-2015-8958", "CVE-2016-7800", "CVE-2016-7101", "CVE-2016-8682", "CVE-2016-7524", "CVE-2015-8959"], "modified": "2016-12-01T18:07:53", "id": "SUSE-SU-2016:2964-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00000.html", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2021-06-08T18:38:47", "description": "This update for GraphicsMagick fixes the following issues:\n\n * CVE-2017-11640: NULL pointer deref in WritePTIFImage() in\n coders/tiff.c could lead to denial of service [bsc#1050632]\n * CVE-2017-14342: Memory exhaustion in ReadWPGImage in coders/wpg.c\n could lead to denial of service [bsc#1058485]\n * CVE-2017-14341: Infinite loop in the ReadWPGImage function could lead\n to denial of service [bsc#1058637]\n * CVE-2017-16546: Issue in ReadWPGImage function in coders/wpg.c could\n lead to denial of service [bsc#1067181]\n * CVE-2017-16545: The ReadWPGImage function in coders/wpg.c in\n validation problems could lead to denial of service [bsc#1067184]\n * CVE-2017-16669: coders/wpg.c allows remote attackers to cause a\n denial of service via crafted file [bsc#1067409]\n * CVE-2017-13776: denial of service issue in ReadXBMImage() in a\n coders/xbm.c [bsc#1056429]\n * CVE-2017-13777: denial of service issue in ReadXBMImage() in a\n coders/xbm.c [bsc#1056426]\n * CVE-2017-13134: heap-based buffer over-read in the function SFWScan in\n coders/sfw.c could lead to denial of service via a crafted file\n [bsc#1055214]\n * CVE-2017-15930: Null Pointer dereference while transfering JPEG\n scanlines could lead to denial of service [bsc#1066003]\n * CVE-2017-12983: Heap-based buffer overflow in the ReadSFWImage\n function in coders/sfw.c allows remote attackers to cause a denial of\n service (application crash) or possibly have unspecified other impact\n via a crafted file. [bsc#1054757]\n * CVE-2017-14165: The ReadSUNImage function in coders/sun.c has an issue\n where memory allocation is excessive because it depends only on a\n length field in a header. This may lead to remote denial of service in\n the MagickMalloc function in magick/memory.c. [bsc#1057508]\n * CVE-2017-12587: Large loop vulnerability in the ReadPWPImage function\n in coders\\pwp.c. [bsc#1052450]\n\n", "cvss3": {}, "published": "2017-12-27T15:08:30", "type": "suse", "title": "Security update for GraphicsMagick (important)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2017-13777", "CVE-2017-12587", "CVE-2017-12983", "CVE-2017-13776", "CVE-2017-16546", "CVE-2016-7996", "CVE-2017-14165", "CVE-2017-15930", "CVE-2017-14341", "CVE-2017-13134", "CVE-2017-16669", "CVE-2017-16545", "CVE-2017-11640", "CVE-2017-14342"], "modified": "2017-12-27T15:08:30", "id": "SUSE-SU-2017:3435-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2017-12/msg00093.html", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}]}

The updated packages fix a security vulnerability

Description

Affected Package

Related