ID DEBIAN_DSA-4712.NASL Type nessus Reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. Modified 2020-07-01T00:00:00
Description
This update fixes multiple vulnerabilities in Imagemagick: Various
memory handling problems and cases of missing or incomplete input
sanitising may result in denial of service, memory disclosure or
potentially the execution of arbitrary code if malformed image files
are processed.
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Debian Security Advisory DSA-4712. The text
# itself is copyright (C) Software in the Public Interest, Inc.
#
include("compat.inc");
if (description)
{
script_id(137912);
script_version("1.2");
script_set_attribute(attribute:"plugin_modification_date", value:"2020/07/06");
script_cve_id("CVE-2019-10649", "CVE-2019-11470", "CVE-2019-11472", "CVE-2019-11597", "CVE-2019-11598", "CVE-2019-12974", "CVE-2019-12975", "CVE-2019-12976", "CVE-2019-12977", "CVE-2019-12978", "CVE-2019-12979", "CVE-2019-13135", "CVE-2019-13137", "CVE-2019-13295", "CVE-2019-13297", "CVE-2019-13300", "CVE-2019-13301", "CVE-2019-13304", "CVE-2019-13305", "CVE-2019-13307", "CVE-2019-13308", "CVE-2019-13309", "CVE-2019-13311", "CVE-2019-13454", "CVE-2019-14981", "CVE-2019-15139", "CVE-2019-15140", "CVE-2019-16708", "CVE-2019-16710", "CVE-2019-16711", "CVE-2019-16713", "CVE-2019-19948", "CVE-2019-19949", "CVE-2019-7175", "CVE-2019-7395", "CVE-2019-7396", "CVE-2019-7397", "CVE-2019-7398");
script_xref(name:"DSA", value:"4712");
script_name(english:"Debian DSA-4712-1 : imagemagick - security update");
script_summary(english:"Checks dpkg output for the updated package");
script_set_attribute(
attribute:"synopsis",
value:"The remote Debian host is missing a security-related update."
);
script_set_attribute(
attribute:"description",
value:
"This update fixes multiple vulnerabilities in Imagemagick: Various
memory handling problems and cases of missing or incomplete input
sanitising may result in denial of service, memory disclosure or
potentially the execution of arbitrary code if malformed image files
are processed."
);
script_set_attribute(
attribute:"see_also",
value:"https://security-tracker.debian.org/tracker/source-package/imagemagick"
);
script_set_attribute(
attribute:"see_also",
value:"https://packages.debian.org/source/buster/imagemagick"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.debian.org/security/2020/dsa-4712"
);
script_set_attribute(
attribute:"solution",
value:
"Upgrade the imagemagick packages.
For the stable distribution (buster), these problems have been fixed
in version 8:6.9.10.23+dfsg-2.1+deb10u1."
);
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:imagemagick");
script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:10.0");
script_set_attribute(attribute:"vuln_publication_date", value:"2019/02/05");
script_set_attribute(attribute:"patch_publication_date", value:"2020/06/30");
script_set_attribute(attribute:"plugin_publication_date", value:"2020/07/01");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_family(english:"Debian Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l");
exit(0);
}
include("audit.inc");
include("debian_package.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian");
if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING);
flag = 0;
if (deb_check(release:"10.0", prefix:"imagemagick", reference:"8:6.9.10.23+dfsg-2.1+deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"imagemagick-6-common", reference:"8:6.9.10.23+dfsg-2.1+deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"imagemagick-6-doc", reference:"8:6.9.10.23+dfsg-2.1+deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"imagemagick-6.q16", reference:"8:6.9.10.23+dfsg-2.1+deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"imagemagick-6.q16hdri", reference:"8:6.9.10.23+dfsg-2.1+deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"imagemagick-common", reference:"8:6.9.10.23+dfsg-2.1+deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"imagemagick-doc", reference:"8:6.9.10.23+dfsg-2.1+deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"libimage-magick-perl", reference:"8:6.9.10.23+dfsg-2.1+deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"libimage-magick-q16-perl", reference:"8:6.9.10.23+dfsg-2.1+deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"libimage-magick-q16hdri-perl", reference:"8:6.9.10.23+dfsg-2.1+deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"libmagick++-6-headers", reference:"8:6.9.10.23+dfsg-2.1+deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"libmagick++-6.q16-8", reference:"8:6.9.10.23+dfsg-2.1+deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"libmagick++-6.q16-dev", reference:"8:6.9.10.23+dfsg-2.1+deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"libmagick++-6.q16hdri-8", reference:"8:6.9.10.23+dfsg-2.1+deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"libmagick++-6.q16hdri-dev", reference:"8:6.9.10.23+dfsg-2.1+deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"libmagick++-dev", reference:"8:6.9.10.23+dfsg-2.1+deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"libmagickcore-6-arch-config", reference:"8:6.9.10.23+dfsg-2.1+deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"libmagickcore-6-headers", reference:"8:6.9.10.23+dfsg-2.1+deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"libmagickcore-6.q16-6", reference:"8:6.9.10.23+dfsg-2.1+deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"libmagickcore-6.q16-6-extra", reference:"8:6.9.10.23+dfsg-2.1+deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"libmagickcore-6.q16-dev", reference:"8:6.9.10.23+dfsg-2.1+deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"libmagickcore-6.q16hdri-6", reference:"8:6.9.10.23+dfsg-2.1+deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"libmagickcore-6.q16hdri-6-extra", reference:"8:6.9.10.23+dfsg-2.1+deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"libmagickcore-6.q16hdri-dev", reference:"8:6.9.10.23+dfsg-2.1+deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"libmagickcore-dev", reference:"8:6.9.10.23+dfsg-2.1+deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"libmagickwand-6-headers", reference:"8:6.9.10.23+dfsg-2.1+deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"libmagickwand-6.q16-6", reference:"8:6.9.10.23+dfsg-2.1+deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"libmagickwand-6.q16-dev", reference:"8:6.9.10.23+dfsg-2.1+deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"libmagickwand-6.q16hdri-6", reference:"8:6.9.10.23+dfsg-2.1+deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"libmagickwand-6.q16hdri-dev", reference:"8:6.9.10.23+dfsg-2.1+deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"libmagickwand-dev", reference:"8:6.9.10.23+dfsg-2.1+deb10u1")) flag++;
if (deb_check(release:"10.0", prefix:"perlmagick", reference:"8:6.9.10.23+dfsg-2.1+deb10u1")) flag++;
if (flag)
{
if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());
else security_hole(0);
exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
{"id": "DEBIAN_DSA-4712.NASL", "bulletinFamily": "scanner", "title": "Debian DSA-4712-1 : imagemagick - security update", "description": "This update fixes multiple vulnerabilities in Imagemagick: Various\nmemory handling problems and cases of missing or incomplete input\nsanitising may result in denial of service, memory disclosure or\npotentially the execution of arbitrary code if malformed image files\nare processed.", "published": "2020-07-01T00:00:00", "modified": "2020-07-01T00:00:00", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "href": "https://www.tenable.com/plugins/nessus/137912", "reporter": "This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["https://www.debian.org/security/2020/dsa-4712", "https://packages.debian.org/source/buster/imagemagick", "https://security-tracker.debian.org/tracker/source-package/imagemagick"], "cvelist": ["CVE-2019-13300", "CVE-2019-13135", "CVE-2019-19949", "CVE-2019-13297", "CVE-2019-16713", "CVE-2019-7175", "CVE-2019-13311", "CVE-2019-13309", "CVE-2019-13137", "CVE-2019-13301", "CVE-2019-12976", "CVE-2019-16710", "CVE-2019-13307", "CVE-2019-13304", "CVE-2019-12978", "CVE-2019-11598", "CVE-2019-7395", "CVE-2019-16711", "CVE-2019-7396", "CVE-2019-7398", "CVE-2019-13308", "CVE-2019-13454", "CVE-2019-12974", "CVE-2019-12977", "CVE-2019-13295", "CVE-2019-11597", "CVE-2019-12979", "CVE-2019-16708", "CVE-2019-13305", "CVE-2019-14981", "CVE-2019-12975", "CVE-2019-11472", "CVE-2019-10649", "CVE-2019-11470", "CVE-2019-19948", "CVE-2019-15140", "CVE-2019-15139", "CVE-2019-7397"], "type": "nessus", "lastseen": "2020-07-07T01:23:57", "edition": 2, "viewCount": 1, "enchantments": {"dependencies": {"references": [{"type": "debian", "idList": ["DEBIAN:DLA-2333-1:FD35B", "DEBIAN:DSA-4712-1:143FB", "DEBIAN:DSA-4715-1:91257", "DEBIAN:DLA-1968-1:A7B91", "DEBIAN:DLA-1888-1:33F1E"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310852675", "OPENVAS:1361412562310891888", "OPENVAS:1361412562310113422", "OPENVAS:1361412562310704712", "OPENVAS:1361412562310113420", "OPENVAS:1361412562310704715", "OPENVAS:1361412562311220191889", "OPENVAS:1361412562310891968", "OPENVAS:1361412562310113421", "OPENVAS:1361412562310844242"]}, {"type": "nessus", "idList": ["EULEROS_SA-2020-2090.NASL", "OPENSUSE-2019-1983.NASL", "SUSE_SU-2019-2106-1.NASL", "SUSE_SU-2019-2010-1.NASL", "EULEROS_SA-2020-2349.NASL", "IMAGEMAGICK_7_0_8-35.NASL", "UBUNTU_USN-4192-1.NASL", "EULEROS_SA-2019-1889.NASL", "FREEBSD_PKG_183D700EEC70487EA9C4632324AFA934.NASL", "EULEROS_SA-2020-1806.NASL"]}, {"type": "ubuntu", "idList": ["USN-4192-1"]}, {"type": "cloudfoundry", "idList": ["CFOUNDRY:5C35631CC00210C3F6C3054F4CBB7D35"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2019:2519-1", "OPENSUSE-SU-2019:1983-1", "OPENSUSE-SU-2019:2515-1"]}, {"type": "freebsd", "idList": ["183D700E-EC70-487E-A9C4-632324AFA934"]}, {"type": "cve", "idList": ["CVE-2019-13308", "CVE-2019-10649", "CVE-2019-13137", "CVE-2019-19948", "CVE-2019-16710", "CVE-2019-16713", "CVE-2019-16708", "CVE-2019-13454", "CVE-2019-16711", "CVE-2019-12974"]}, {"type": "amazon", "idList": ["ALAS-2020-1391", "ALAS2-2020-1497"]}, {"type": "oraclelinux", "idList": ["ELSA-2020-1180"]}], "modified": "2020-07-07T01:23:57", "rev": 2}, "score": {"value": 7.9, "vector": "NONE", "modified": "2020-07-07T01:23:57", "rev": 2}, "vulnersScore": 7.9}, "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-4712. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(137912);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/07/06\");\n\n script_cve_id(\"CVE-2019-10649\", \"CVE-2019-11470\", \"CVE-2019-11472\", \"CVE-2019-11597\", \"CVE-2019-11598\", \"CVE-2019-12974\", \"CVE-2019-12975\", \"CVE-2019-12976\", \"CVE-2019-12977\", \"CVE-2019-12978\", \"CVE-2019-12979\", \"CVE-2019-13135\", \"CVE-2019-13137\", \"CVE-2019-13295\", \"CVE-2019-13297\", \"CVE-2019-13300\", \"CVE-2019-13301\", \"CVE-2019-13304\", \"CVE-2019-13305\", \"CVE-2019-13307\", \"CVE-2019-13308\", \"CVE-2019-13309\", \"CVE-2019-13311\", \"CVE-2019-13454\", \"CVE-2019-14981\", \"CVE-2019-15139\", \"CVE-2019-15140\", \"CVE-2019-16708\", \"CVE-2019-16710\", \"CVE-2019-16711\", \"CVE-2019-16713\", \"CVE-2019-19948\", \"CVE-2019-19949\", \"CVE-2019-7175\", \"CVE-2019-7395\", \"CVE-2019-7396\", \"CVE-2019-7397\", \"CVE-2019-7398\");\n script_xref(name:\"DSA\", value:\"4712\");\n\n script_name(english:\"Debian DSA-4712-1 : imagemagick - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update fixes multiple vulnerabilities in Imagemagick: Various\nmemory handling problems and cases of missing or incomplete input\nsanitising may result in denial of service, memory disclosure or\npotentially the execution of arbitrary code if malformed image files\nare processed.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/source-package/imagemagick\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/buster/imagemagick\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2020/dsa-4712\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"Upgrade the imagemagick packages.\n\nFor the stable distribution (buster), these problems have been fixed\nin version 8:6.9.10.23+dfsg-2.1+deb10u1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:imagemagick\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:10.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/02/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/06/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/07/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"10.0\", prefix:\"imagemagick\", reference:\"8:6.9.10.23+dfsg-2.1+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"imagemagick-6-common\", reference:\"8:6.9.10.23+dfsg-2.1+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"imagemagick-6-doc\", reference:\"8:6.9.10.23+dfsg-2.1+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"imagemagick-6.q16\", reference:\"8:6.9.10.23+dfsg-2.1+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"imagemagick-6.q16hdri\", reference:\"8:6.9.10.23+dfsg-2.1+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"imagemagick-common\", reference:\"8:6.9.10.23+dfsg-2.1+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"imagemagick-doc\", reference:\"8:6.9.10.23+dfsg-2.1+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"libimage-magick-perl\", reference:\"8:6.9.10.23+dfsg-2.1+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"libimage-magick-q16-perl\", reference:\"8:6.9.10.23+dfsg-2.1+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"libimage-magick-q16hdri-perl\", reference:\"8:6.9.10.23+dfsg-2.1+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"libmagick++-6-headers\", reference:\"8:6.9.10.23+dfsg-2.1+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"libmagick++-6.q16-8\", reference:\"8:6.9.10.23+dfsg-2.1+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"libmagick++-6.q16-dev\", reference:\"8:6.9.10.23+dfsg-2.1+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"libmagick++-6.q16hdri-8\", reference:\"8:6.9.10.23+dfsg-2.1+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"libmagick++-6.q16hdri-dev\", reference:\"8:6.9.10.23+dfsg-2.1+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"libmagick++-dev\", reference:\"8:6.9.10.23+dfsg-2.1+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"libmagickcore-6-arch-config\", reference:\"8:6.9.10.23+dfsg-2.1+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"libmagickcore-6-headers\", reference:\"8:6.9.10.23+dfsg-2.1+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"libmagickcore-6.q16-6\", reference:\"8:6.9.10.23+dfsg-2.1+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"libmagickcore-6.q16-6-extra\", reference:\"8:6.9.10.23+dfsg-2.1+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"libmagickcore-6.q16-dev\", reference:\"8:6.9.10.23+dfsg-2.1+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"libmagickcore-6.q16hdri-6\", reference:\"8:6.9.10.23+dfsg-2.1+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"libmagickcore-6.q16hdri-6-extra\", reference:\"8:6.9.10.23+dfsg-2.1+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"libmagickcore-6.q16hdri-dev\", reference:\"8:6.9.10.23+dfsg-2.1+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"libmagickcore-dev\", reference:\"8:6.9.10.23+dfsg-2.1+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"libmagickwand-6-headers\", reference:\"8:6.9.10.23+dfsg-2.1+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"libmagickwand-6.q16-6\", reference:\"8:6.9.10.23+dfsg-2.1+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"libmagickwand-6.q16-dev\", reference:\"8:6.9.10.23+dfsg-2.1+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"libmagickwand-6.q16hdri-6\", reference:\"8:6.9.10.23+dfsg-2.1+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"libmagickwand-6.q16hdri-dev\", reference:\"8:6.9.10.23+dfsg-2.1+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"libmagickwand-dev\", reference:\"8:6.9.10.23+dfsg-2.1+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"perlmagick\", reference:\"8:6.9.10.23+dfsg-2.1+deb10u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "naslFamily": "Debian Local Security Checks", "pluginID": "137912", "cpe": ["cpe:/o:debian:debian_linux:10.0", "p-cpe:/a:debian:debian_linux:imagemagick"], "cvss3": {"score": 9.8, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "scheme": null}
{"openvas": [{"lastseen": "2020-07-21T20:05:18", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-13300", "CVE-2019-13135", "CVE-2019-19949", "CVE-2019-13297", "CVE-2019-16713", "CVE-2019-7175", "CVE-2019-13311", "CVE-2019-13309", "CVE-2019-13137", "CVE-2019-13301", "CVE-2019-12976", "CVE-2019-16710", "CVE-2019-13307", "CVE-2019-13304", "CVE-2019-12978", "CVE-2019-11598", "CVE-2019-7395", "CVE-2019-16711", "CVE-2019-7396", "CVE-2019-7398", "CVE-2019-13308", "CVE-2019-13454", "CVE-2019-12974", "CVE-2019-12977", "CVE-2019-13295", "CVE-2019-11597", "CVE-2019-12979", "CVE-2019-16708", "CVE-2019-13305", "CVE-2019-14981", "CVE-2019-12975", "CVE-2019-11472", "CVE-2019-10649", "CVE-2019-11470", "CVE-2019-19948", "CVE-2019-15140", "CVE-2019-15139", "CVE-2019-7397"], "description": "The remote host is missing an update for the ", "modified": "2020-07-03T00:00:00", "published": "2020-07-02T00:00:00", "id": "OPENVAS:1361412562310704712", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310704712", "type": "openvas", "title": "Debian: Security Advisory for imagemagick (DSA-4712-1)", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.704712\");\n script_version(\"2020-07-03T07:30:29+0000\");\n script_cve_id(\"CVE-2019-10649\", \"CVE-2019-11470\", \"CVE-2019-11472\", \"CVE-2019-11597\", \"CVE-2019-11598\", \"CVE-2019-12974\", \"CVE-2019-12975\", \"CVE-2019-12976\", \"CVE-2019-12977\", \"CVE-2019-12978\", \"CVE-2019-12979\", \"CVE-2019-13135\", \"CVE-2019-13137\", \"CVE-2019-13295\", \"CVE-2019-13297\", \"CVE-2019-13300\", \"CVE-2019-13301\", \"CVE-2019-13304\", \"CVE-2019-13305\", \"CVE-2019-13307\", \"CVE-2019-13308\", \"CVE-2019-13309\", \"CVE-2019-13311\", \"CVE-2019-13454\", \"CVE-2019-14981\", \"CVE-2019-15139\", \"CVE-2019-15140\", \"CVE-2019-16708\", \"CVE-2019-16710\", \"CVE-2019-16711\", \"CVE-2019-16713\", \"CVE-2019-19948\", \"CVE-2019-19949\", \"CVE-2019-7175\", \"CVE-2019-7395\", \"CVE-2019-7396\", \"CVE-2019-7397\", \"CVE-2019-7398\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-07-03 07:30:29 +0000 (Fri, 03 Jul 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-07-02 03:33:25 +0000 (Thu, 02 Jul 2020)\");\n script_name(\"Debian: Security Advisory for imagemagick (DSA-4712-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB10\");\n\n script_xref(name:\"URL\", value:\"https://www.debian.org/security/2020/dsa-4712.html\");\n script_xref(name:\"URL\", value:\"https://security-tracker.debian.org/tracker/DSA-4712-1\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'imagemagick'\n package(s) announced via the DSA-4712-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update fixes multiple vulnerabilities in Imagemagick: Various memory\nhandling problems and cases of missing or incomplete input sanitising\nmay result in denial of service, memory disclosure or potentially the\nexecution of arbitrary code if malformed image files are processed.\");\n\n script_tag(name:\"affected\", value:\"'imagemagick' package(s) on Debian Linux.\");\n\n script_tag(name:\"solution\", value:\"For the stable distribution (buster), these problems have been fixed in\nversion 8:6.9.10.23+dfsg-2.1+deb10u1.\n\nWe recommend that you upgrade your imagemagick packages.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"imagemagick\", ver:\"8:6.9.10.23+dfsg-2.1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"imagemagick-6-common\", ver:\"8:6.9.10.23+dfsg-2.1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"imagemagick-6-doc\", ver:\"8:6.9.10.23+dfsg-2.1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"imagemagick-6.q16\", ver:\"8:6.9.10.23+dfsg-2.1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"imagemagick-6.q16hdri\", ver:\"8:6.9.10.23+dfsg-2.1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"imagemagick-common\", ver:\"8:6.9.10.23+dfsg-2.1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"imagemagick-doc\", ver:\"8:6.9.10.23+dfsg-2.1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libimage-magick-perl\", ver:\"8:6.9.10.23+dfsg-2.1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libimage-magick-q16-perl\", ver:\"8:6.9.10.23+dfsg-2.1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libimage-magick-q16hdri-perl\", ver:\"8:6.9.10.23+dfsg-2.1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libmagick++-6-headers\", ver:\"8:6.9.10.23+dfsg-2.1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libmagick++-6.q16-8\", ver:\"8:6.9.10.23+dfsg-2.1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libmagick++-6.q16-dev\", ver:\"8:6.9.10.23+dfsg-2.1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libmagick++-6.q16hdri-8\", ver:\"8:6.9.10.23+dfsg-2.1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libmagick++-6.q16hdri-dev\", ver:\"8:6.9.10.23+dfsg-2.1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libmagick++-dev\", ver:\"8:6.9.10.23+dfsg-2.1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libmagickcore-6-arch-config\", ver:\"8:6.9.10.23+dfsg-2.1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libmagickcore-6-headers\", ver:\"8:6.9.10.23+dfsg-2.1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libmagickcore-6.q16-6\", ver:\"8:6.9.10.23+dfsg-2.1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libmagickcore-6.q16-6-extra\", ver:\"8:6.9.10.23+dfsg-2.1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libmagickcore-6.q16-dev\", ver:\"8:6.9.10.23+dfsg-2.1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libmagickcore-6.q16hdri-6\", ver:\"8:6.9.10.23+dfsg-2.1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libmagickcore-6.q16hdri-6-extra\", ver:\"8:6.9.10.23+dfsg-2.1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libmagickcore-6.q16hdri-dev\", ver:\"8:6.9.10.23+dfsg-2.1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libmagickcore-dev\", ver:\"8:6.9.10.23+dfsg-2.1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libmagickwand-6-headers\", ver:\"8:6.9.10.23+dfsg-2.1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libmagickwand-6.q16-6\", ver:\"8:6.9.10.23+dfsg-2.1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libmagickwand-6.q16-dev\", ver:\"8:6.9.10.23+dfsg-2.1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libmagickwand-6.q16hdri-6\", ver:\"8:6.9.10.23+dfsg-2.1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libmagickwand-6.q16hdri-dev\", ver:\"8:6.9.10.23+dfsg-2.1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libmagickwand-dev\", ver:\"8:6.9.10.23+dfsg-2.1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"perlmagick\", ver:\"8:6.9.10.23+dfsg-2.1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}\n\nexit(0);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-12-13T14:47:44", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-13300", "CVE-2019-13135", "CVE-2019-13297", "CVE-2019-16713", "CVE-2019-13311", "CVE-2019-13309", "CVE-2019-13137", "CVE-2019-13301", "CVE-2019-12976", "CVE-2019-13306", "CVE-2019-16710", "CVE-2019-13307", "CVE-2019-13304", "CVE-2019-12978", "CVE-2019-16711", "CVE-2019-13310", "CVE-2019-13308", "CVE-2019-13454", "CVE-2019-12974", "CVE-2019-12977", "CVE-2019-13295", "CVE-2019-12979", "CVE-2019-16708", "CVE-2019-13305", "CVE-2019-14981", "CVE-2019-12975", "CVE-2019-13391", "CVE-2019-16709", "CVE-2019-15140", "CVE-2019-15139"], "description": "The remote host is missing an update for the ", "modified": "2019-12-12T00:00:00", "published": "2019-11-15T00:00:00", "id": "OPENVAS:1361412562310844242", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310844242", "type": "openvas", "title": "Ubuntu Update for imagemagick USN-4192-1", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.844242\");\n script_version(\"2019-12-12T11:35:23+0000\");\n script_cve_id(\"CVE-2019-12974\", \"CVE-2019-12975\", \"CVE-2019-12976\", \"CVE-2019-12977\", \"CVE-2019-12978\", \"CVE-2019-12979\", \"CVE-2019-13135\", \"CVE-2019-13137\", \"CVE-2019-13295\", \"CVE-2019-13297\", \"CVE-2019-13300\", \"CVE-2019-13301\", \"CVE-2019-13304\", \"CVE-2019-13305\", \"CVE-2019-13306\", \"CVE-2019-13307\", \"CVE-2019-13308\", \"CVE-2019-13309\", \"CVE-2019-13310\", \"CVE-2019-13311\", \"CVE-2019-13391\", \"CVE-2019-13454\", \"CVE-2019-14981\", \"CVE-2019-15139\", \"CVE-2019-15140\", \"CVE-2019-16708\", \"CVE-2019-16709\", \"CVE-2019-16710\", \"CVE-2019-16711\", \"CVE-2019-16713\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-12-12 11:35:23 +0000 (Thu, 12 Dec 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-11-15 03:00:52 +0000 (Fri, 15 Nov 2019)\");\n script_name(\"Ubuntu Update for imagemagick USN-4192-1\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=(UBUNTU18\\.04 LTS|UBUNTU19\\.10|UBUNTU19\\.04|UBUNTU16\\.04 LTS)\");\n\n script_xref(name:\"USN\", value:\"4192-1\");\n script_xref(name:\"URL\", value:\"https://lists.ubuntu.com/archives/ubuntu-security-announce/2019-November/005210.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'imagemagick'\n package(s) announced via the USN-4192-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"It was discovered that ImageMagick incorrectly handled certain malformed\nimage files. If a user or automated system using ImageMagick were tricked\ninto opening a specially crafted image, an attacker could exploit this to\ncause a denial of service or possibly execute code with the privileges of\nthe user invoking the program.\");\n\n script_tag(name:\"affected\", value:\"'imagemagick' package(s) on Ubuntu 19.10, Ubuntu 19.04, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"UBUNTU18.04 LTS\") {\n\n if(!isnull(res = isdpkgvuln(pkg:\"imagemagick\", ver:\"8:6.9.7.4+dfsg-16ubuntu6.8\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"imagemagick-6.q16\", ver:\"8:6.9.7.4+dfsg-16ubuntu6.8\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"-6.q16-7\", ver:\"8:6.9.7.4+dfsg-16ubuntu6.8\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"libmagickcore-6.q16-3\", ver:\"8:6.9.7.4+dfsg-16ubuntu6.8\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"libmagickcore-6.q16-3-extra\", ver:\"8:6.9.7.4+dfsg-16ubuntu6.8\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nif(release == \"UBUNTU19.10\") {\n\n if(!isnull(res = isdpkgvuln(pkg:\"imagemagick\", ver:\"8:6.9.10.23+dfsg-2.1ubuntu3.1\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"imagemagick-6.q16\", ver:\"8:6.9.10.23+dfsg-2.1ubuntu3.1\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"-6.q16-8\", ver:\"8:6.9.10.23+dfsg-2.1ubuntu3.1\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"libmagickcore-6.q16-6\", ver:\"8:6.9.10.23+dfsg-2.1ubuntu3.1\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"libmagickcore-6.q16-6-extra\", ver:\"8:6.9.10.23+dfsg-2.1ubuntu3.1\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nif(release == \"UBUNTU19.04\") {\n\n if(!isnull(res = isdpkgvuln(pkg:\"imagemagick\", ver:\"8:6.9.10.14+dfsg-7ubuntu2.3\", rls:\"UBUNTU19.04\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"imagemagick-6.q16\", ver:\"8:6.9.10.14+dfsg-7ubuntu2.3\", rls:\"UBUNTU19.04\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"-6.q16-8\", ver:\"8:6.9.10.14+dfsg-7ubuntu2.3\", rls:\"UBUNTU19.04\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"libmagickcore-6.q16-6\", ver:\"8:6.9.10.14+dfsg-7ubuntu2.3\", rls:\"UBUNTU19.04\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"libmagickcore-6.q16-6-extra\", ver:\"8:6.9.10.14+dfsg-7ubuntu2.3\", rls:\"UBUNTU19.04\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nif(release == \"UBUNTU16.04 LTS\") {\n\n if(!isnull(res = isdpkgvuln(pkg:\"imagemagick\", ver:\"8:6.8.9.9-7ubuntu5.15\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"imagemagick-6.q16\", ver:\"8:6.8.9.9-7ubuntu5.15\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"-6.q16-5v5\", ver:\"8:6.8.9.9-7ubuntu5.15\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"libmagickcore-6.q16-2\", ver:\"8:6.8.9.9-7ubuntu5.15\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"libmagickcore-6.q16-2-extra\", ver:\"8:6.8.9.9-7ubuntu5.15\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-27T18:36:45", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-13300", "CVE-2019-13135", "CVE-2019-13297", "CVE-2019-13304", "CVE-2019-12978", "CVE-2019-13295", "CVE-2019-12979"], "description": "The remote host is missing an update for the Huawei EulerOS\n ", "modified": "2020-01-23T00:00:00", "published": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220191889", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220191889", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for ImageMagick (EulerOS-SA-2019-1889)", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.1889\");\n script_version(\"2020-01-23T15:42:05+0000\");\n script_cve_id(\"CVE-2019-12978\", \"CVE-2019-12979\", \"CVE-2019-13135\", \"CVE-2019-13295\", \"CVE-2019-13297\", \"CVE-2019-13300\", \"CVE-2019-13304\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 15:42:05 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 12:25:54 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for ImageMagick (EulerOS-SA-2019-1889)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP5\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-1889\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1889\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'ImageMagick' package(s) announced via the EulerOS-SA-2019-1889 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"ImageMagick before 7.0.8-50 has a 'use of uninitialized value' vulnerability in the function ReadCUTImage in coders/cut.c.(CVE-2019-13135)\n\nImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a width of zero is mishandled.(CVE-2019-13295)\n\nImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a height of zero is mishandled.(CVE-2019-13297)\n\nImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow at MagickCore/statistic.c in EvaluateImages because of mishandling columns.(CVE-2019-13300)\n\nImageMagick 7.0.8-50 Q16 has a stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced assignment.(CVE-2019-13304)\n\nImageMagick 7.0.8-34 has a 'use of uninitialized value' vulnerability in the ReadPANGOImage function in coders/pango.c.(CVE-2019-12978)\n\nImageMagick 7.0.8-34 has a 'use of uninitialized value' vulnerability in the SyncImageSettings function in MagickCore/image.c. This is related to AcquireImage in magick/image.c.(CVE-2019-12979)\");\n\n script_tag(name:\"affected\", value:\"'ImageMagick' package(s) on Huawei EulerOS V2.0SP5.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP5\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"ImageMagick\", rpm:\"ImageMagick~6.7.8.9~15.h26.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ImageMagick-c++\", rpm:\"ImageMagick-c++~6.7.8.9~15.h26.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ImageMagick-perl\", rpm:\"ImageMagick-perl~6.7.8.9~15.h26.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-10-09T14:28:32", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-12976", "CVE-2019-12978", "CVE-2019-12974", "CVE-2019-12977", "CVE-2019-12979", "CVE-2019-12975"], "description": "ImageMagick is prone to multiple vulnerabilities.", "modified": "2019-10-07T00:00:00", "published": "2019-07-01T00:00:00", "id": "OPENVAS:1361412562310113421", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310113421", "type": "openvas", "title": "ImageMagick <= 7.0.8-34 Multiple Vulnerabilities (Windows)", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.113421\");\n script_version(\"2019-10-07T14:34:48+0000\");\n script_tag(name:\"last_modification\", value:\"2019-10-07 14:34:48 +0000 (Mon, 07 Oct 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-07-01 15:08:10 +0000 (Mon, 01 Jul 2019)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n\n script_tag(name:\"qod_type\", value:\"registry\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_cve_id(\"CVE-2019-12974\", \"CVE-2019-12975\", \"CVE-2019-12976\", \"CVE-2019-12977\", \"CVE-2019-12978\", \"CVE-2019-12979\");\n script_bugtraq_id(108913);\n\n script_name(\"ImageMagick <= 7.0.8-34 Multiple Vulnerabilities (Windows)\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"secpod_imagemagick_detect_win.nasl\");\n script_mandatory_keys(\"ImageMagick/Win/Installed\");\n\n script_tag(name:\"summary\", value:\"ImageMagick is prone to multiple vulnerabilities.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"The following vulnerabilities exist:\n\n - A NULL pointer dereference in the function ReadPANGOImage in coders/pango.c and\n the function ReadVIDImage in coders/vid.c allows remote attackers to cause\n a denial of service via a crafted image.\n\n - There is a memory leak vulnerability in the WripteDPXImage function in coders/dpx.c.\n\n - There is a memory leak in the ReadPCLImage function in coders/pcl.c.\n\n - There is a 'use of uninitialized value' vulnerability in the\n WriteJP2Image function in coders/jp2.c.\n\n - There is a 'use of uninitialized value' vulnerability in the\n ReadPANGOImage function in coders/pango.c.\n\n - There is a 'use of uninitialized value' vulnerability in the SyncImageSettings function\n in MagickCore/image.c. This is related to AcquireImage in magick/image.c.\");\n script_tag(name:\"impact\", value:\"Successful exploitation would allow an attacker to crash the application,\n access sensitive information or even execute arbitrary code on the target machine.\");\n script_tag(name:\"affected\", value:\"ImageMagick through version 7.0.8-34.\");\n script_tag(name:\"solution\", value:\"Update to version 7.0.8-35.\");\n\n script_xref(name:\"URL\", value:\"https://github.com/ImageMagick/ImageMagick/issues/1515\");\n script_xref(name:\"URL\", value:\"https://github.com/ImageMagick/ImageMagick/issues/1517\");\n script_xref(name:\"URL\", value:\"https://github.com/ImageMagick/ImageMagick/issues/1518\");\n script_xref(name:\"URL\", value:\"https://github.com/ImageMagick/ImageMagick/issues/1519\");\n script_xref(name:\"URL\", value:\"https://github.com/ImageMagick/ImageMagick/issues/1520\");\n script_xref(name:\"URL\", value:\"https://github.com/ImageMagick/ImageMagick/issues/1522\");\n\n exit(0);\n}\n\nCPE = \"cpe:/a:imagemagick:imagemagick\";\n\ninclude( \"host_details.inc\" );\ninclude( \"version_func.inc\" );\n\nif( ! infos = get_app_version_and_location( cpe: CPE, exit_no_version: TRUE ) ) exit( 0 );\nversion = infos[\"version\"];\nlocation = infos[\"location\"];\n\nif( version_is_less( version: version, test_version: \"7.0.8.35\" ) ) {\n report = report_fixed_ver( installed_version: version, fixed_version: \"7.0.8-35\", install_path: location );\n security_message( data: report, port: 0 );\n exit( 0 );\n}\n\nexit( 99 );\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-10-09T14:28:35", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-12976", "CVE-2019-12978", "CVE-2019-12974", "CVE-2019-12977", "CVE-2019-12979", "CVE-2019-12975"], "description": "ImageMagick is prone to multiple vulnerabilities.", "modified": "2019-10-07T00:00:00", "published": "2019-07-01T00:00:00", "id": "OPENVAS:1361412562310113422", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310113422", "type": "openvas", "title": "ImageMagick <= 7.0.8-34 Multiple Vulnerabilities (Mac OS X)", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.113422\");\n script_version(\"2019-10-07T14:34:48+0000\");\n script_tag(name:\"last_modification\", value:\"2019-10-07 14:34:48 +0000 (Mon, 07 Oct 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-07-01 15:08:10 +0000 (Mon, 01 Jul 2019)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n\n script_tag(name:\"qod_type\", value:\"executable_version\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_cve_id(\"CVE-2019-12974\", \"CVE-2019-12975\", \"CVE-2019-12976\", \"CVE-2019-12977\", \"CVE-2019-12978\", \"CVE-2019-12979\");\n script_bugtraq_id(108913);\n\n script_name(\"ImageMagick <= 7.0.8-34 Multiple Vulnerabilities (Mac OS X)\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_imagemagick_detect_macosx.nasl\");\n script_mandatory_keys(\"ImageMagick/MacOSX/Version\");\n\n script_tag(name:\"summary\", value:\"ImageMagick is prone to multiple vulnerabilities.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"The following vulnerabilities exist:\n\n - A NULL pointer dereference in the function ReadPANGOImage in coders/pango.c and\n the function ReadVIDImage in coders/vid.c allows remote attackers to cause\n a denial of service via a crafted image.\n\n - There is a memory leak vulnerability in the WripteDPXImage function in coders/dpx.c.\n\n - There is a memory leak in the ReadPCLImage function in coders/pcl.c.\n\n - There is a 'use of uninitialized value' vulnerability in the\n WriteJP2Image function in coders/jp2.c.\n\n - There is a 'use of uninitialized value' vulnerability in the\n ReadPANGOImage function in coders/pango.c.\n\n - There is a 'use of uninitialized value' vulnerability in the SyncImageSettings function\n in MagickCore/image.c. This is related to AcquireImage in magick/image.c.\");\n script_tag(name:\"impact\", value:\"Successful exploitation would allow an attacker to crash the application,\n access sensitive information or even execute arbitrary code on the target machine.\");\n script_tag(name:\"affected\", value:\"ImageMagick through version 7.0.8-34.\");\n script_tag(name:\"solution\", value:\"Update to version 7.0.8-35.\");\n\n script_xref(name:\"URL\", value:\"https://github.com/ImageMagick/ImageMagick/issues/1515\");\n script_xref(name:\"URL\", value:\"https://github.com/ImageMagick/ImageMagick/issues/1517\");\n script_xref(name:\"URL\", value:\"https://github.com/ImageMagick/ImageMagick/issues/1518\");\n script_xref(name:\"URL\", value:\"https://github.com/ImageMagick/ImageMagick/issues/1519\");\n script_xref(name:\"URL\", value:\"https://github.com/ImageMagick/ImageMagick/issues/1520\");\n script_xref(name:\"URL\", value:\"https://github.com/ImageMagick/ImageMagick/issues/1522\");\n\n exit(0);\n}\n\nCPE = \"cpe:/a:imagemagick:imagemagick\";\n\ninclude( \"host_details.inc\" );\ninclude( \"version_func.inc\" );\n\nif( ! infos = get_app_version_and_location( cpe: CPE, exit_no_version: TRUE ) ) exit( 0 );\nversion = infos[\"version\"];\nlocation = infos[\"location\"];\n\nif( version_is_less( version: version, test_version: \"7.0.8.35\" ) ) {\n report = report_fixed_ver( installed_version: version, fixed_version: \"7.0.8-35\", install_path: location );\n security_message( data: report, port: 0 );\n exit( 0 );\n}\n\nexit( 99 );\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-10-09T14:28:33", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-12976", "CVE-2019-12978", "CVE-2019-12974", "CVE-2019-12977", "CVE-2019-12979", "CVE-2019-12975"], "description": "ImageMagick is prone to multiple vulnerabilities.", "modified": "2019-10-07T00:00:00", "published": "2019-07-01T00:00:00", "id": "OPENVAS:1361412562310113420", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310113420", "type": "openvas", "title": "ImageMagick <= 7.0.8-34 Multiple Vulnerabilities (Linux)", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.113420\");\n script_version(\"2019-10-07T14:34:48+0000\");\n script_tag(name:\"last_modification\", value:\"2019-10-07 14:34:48 +0000 (Mon, 07 Oct 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-07-01 15:08:10 +0000 (Mon, 01 Jul 2019)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n\n script_tag(name:\"qod_type\", value:\"executable_version_unreliable\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_cve_id(\"CVE-2019-12974\", \"CVE-2019-12975\", \"CVE-2019-12976\", \"CVE-2019-12977\", \"CVE-2019-12978\", \"CVE-2019-12979\");\n script_bugtraq_id(108913);\n\n script_name(\"ImageMagick <= 7.0.8-34 Multiple Vulnerabilities (Linux)\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"secpod_imagemagick_detect_lin.nasl\");\n script_mandatory_keys(\"ImageMagick/Lin/Ver\");\n\n script_tag(name:\"summary\", value:\"ImageMagick is prone to multiple vulnerabilities.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"The following vulnerabilities exist:\n\n - A NULL pointer dereference in the function ReadPANGOImage in coders/pango.c and\n the function ReadVIDImage in coders/vid.c allows remote attackers to cause\n a denial of service via a crafted image.\n\n - There is a memory leak vulnerability in the WripteDPXImage function in coders/dpx.c.\n\n - There is a memory leak in the ReadPCLImage function in coders/pcl.c.\n\n - There is a 'use of uninitialized value' vulnerability in the\n WriteJP2Image function in coders/jp2.c.\n\n - There is a 'use of uninitialized value' vulnerability in the\n ReadPANGOImage function in coders/pango.c.\n\n - There is a 'use of uninitialized value' vulnerability in the SyncImageSettings function\n in MagickCore/image.c. This is related to AcquireImage in magick/image.c.\");\n script_tag(name:\"impact\", value:\"Successful exploitation would allow an attacker to crash the application,\n access sensitive information or even execute arbitrary code on the target machine.\");\n script_tag(name:\"affected\", value:\"ImageMagick through version 7.0.8-34.\");\n script_tag(name:\"solution\", value:\"Update to version 7.0.8-35.\");\n\n script_xref(name:\"URL\", value:\"https://github.com/ImageMagick/ImageMagick/issues/1515\");\n script_xref(name:\"URL\", value:\"https://github.com/ImageMagick/ImageMagick/issues/1517\");\n script_xref(name:\"URL\", value:\"https://github.com/ImageMagick/ImageMagick/issues/1518\");\n script_xref(name:\"URL\", value:\"https://github.com/ImageMagick/ImageMagick/issues/1519\");\n script_xref(name:\"URL\", value:\"https://github.com/ImageMagick/ImageMagick/issues/1520\");\n script_xref(name:\"URL\", value:\"https://github.com/ImageMagick/ImageMagick/issues/1522\");\n\n exit(0);\n}\n\nCPE = \"cpe:/a:imagemagick:imagemagick\";\n\ninclude( \"host_details.inc\" );\ninclude( \"version_func.inc\" );\n\nif( ! infos = get_app_version_and_location( cpe: CPE, exit_no_version: TRUE ) ) exit( 0 );\nversion = infos[\"version\"];\nlocation = infos[\"location\"];\n\nif( version_is_less( version: version, test_version: \"7.0.8.35\" ) ) {\n report = report_fixed_ver( installed_version: version, fixed_version: \"7.0.8-35\", install_path: location );\n security_message( data: report, port: 0 );\n exit( 0 );\n}\n\nexit( 99 );\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-31T16:47:50", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-13300", "CVE-2019-13135", "CVE-2019-13298", "CVE-2019-13297", "CVE-2019-13134", "CVE-2019-13311", "CVE-2019-13303", "CVE-2019-13309", "CVE-2019-13137", "CVE-2019-13301", "CVE-2019-12976", "CVE-2019-13306", "CVE-2019-13302", "CVE-2019-13136", "CVE-2019-13307", "CVE-2019-13304", "CVE-2019-12978", "CVE-2019-13299", "CVE-2019-13310", "CVE-2019-13308", "CVE-2019-13454", "CVE-2019-12974", "CVE-2019-12977", "CVE-2019-13295", "CVE-2019-12979", "CVE-2019-13305", "CVE-2019-12975", "CVE-2019-13391", "CVE-2019-13296", "CVE-2019-13133"], "description": "The remote host is missing an update for the ", "modified": "2020-01-31T00:00:00", "published": "2019-08-22T00:00:00", "id": "OPENVAS:1361412562310852675", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310852675", "type": "openvas", "title": "openSUSE: Security Advisory for ImageMagick (openSUSE-SU-2019:1983-1)", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.852675\");\n script_version(\"2020-01-31T08:04:39+0000\");\n script_cve_id(\"CVE-2019-12974\", \"CVE-2019-12975\", \"CVE-2019-12976\", \"CVE-2019-12977\", \"CVE-2019-12978\", \"CVE-2019-12979\", \"CVE-2019-13133\", \"CVE-2019-13134\", \"CVE-2019-13135\", \"CVE-2019-13136\", \"CVE-2019-13137\", \"CVE-2019-13295\", \"CVE-2019-13296\", \"CVE-2019-13297\", \"CVE-2019-13298\", \"CVE-2019-13299\", \"CVE-2019-13300\", \"CVE-2019-13301\", \"CVE-2019-13302\", \"CVE-2019-13303\", \"CVE-2019-13304\", \"CVE-2019-13305\", \"CVE-2019-13306\", \"CVE-2019-13307\", \"CVE-2019-13308\", \"CVE-2019-13309\", \"CVE-2019-13310\", \"CVE-2019-13311\", \"CVE-2019-13391\", \"CVE-2019-13454\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:04:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-08-22 02:01:13 +0000 (Thu, 22 Aug 2019)\");\n script_name(\"openSUSE: Security Advisory for ImageMagick (openSUSE-SU-2019:1983-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap15\\.0\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2019:1983-1\");\n script_xref(name:\"URL\", value:\"https://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'ImageMagick'\n package(s) announced via the openSUSE-SU-2019:1983-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for ImageMagick fixes the following issues:\n\n - CVE-2019-13301: Fixed a memory leak in AcquireMagickMemory()\n (bsc#1140554).\n\n - CVE-2019-13309: Fixed a memory leak at AcquireMagickMemory due to\n mishandling the NoSuchImage error in CLIListOperatorImages (bsc#1140520).\n\n - CVE-2019-13310: Fixed a memory leak at AcquireMagickMemory because of an\n error in MagickWand/mogrify.c (bsc#1140501).\n\n - CVE-2019-13311: Fixed a memory leak at AcquireMagickMemory because of a\n wand/mogrify.c error (bsc#1140513).\n\n - CVE-2019-13303: Fixed a heap-based buffer over-read in\n MagickCore/composite.c in CompositeImage (bsc#1140549).\n\n - CVE-2019-13296: Fixed a memory leak in AcquireMagickMemory because of an\n error in CLIListOperatorImages in MagickWand/operation.c (bsc#1140665).\n\n - CVE-2019-13299: Fixed a heap-based buffer over-read at\n MagickCore/pixel-accessor.h in GetPixelChannel (bsc#1140668).\n\n - CVE-2019-13454: Fixed a division by zero in RemoveDuplicateLayers in\n MagickCore/layer.c (bsc#1141171).\n\n - CVE-2019-13295: Fixed a heap-based buffer over-read at\n MagickCore/threshold.c in AdaptiveThresholdImage (bsc#1140664).\n\n - CVE-2019-13297: Fixed a heap-based buffer over-read at\n MagickCore/threshold.c in AdaptiveThresholdImage (bsc#1140666).\n\n - CVE-2019-12979: Fixed the use of uninitialized values in\n SyncImageSettings() (bsc#1139886).\n\n - CVE-2019-13391: Fixed a heap-based buffer over-read in\n MagickCore/fourier.c (bsc#1140673).\n\n - CVE-2019-13308: Fixed a heap-based buffer overflow in\n MagickCore/fourier.c (bsc#1140534).\n\n - CVE-2019-13302: Fixed a heap-based buffer over-read in\n MagickCore/fourier.c in ComplexImages (bsc#1140552).\n\n - CVE-2019-13298: Fixed a heap-based buffer overflow at\n MagickCore/pixel-accessor.h in SetPixelViaPixelInfo (bsc#1140667).\n\n - CVE-2019-13300: Fixed a heap-based buffer overflow at\n MagickCore/statistic.c in EvaluateImages (bsc#1140669).\n\n - CVE-2019-13307: Fixed a heap-based buffer overflow at\n MagickCore/statistic.c (bsc#1140538).\n\n - CVE-2019-12977: Fixed the use of uninitialized values in WriteJP2Imag()\n (bsc#1139884).\n\n - CVE-2019-12975: Fixed a memory leak in the WriteDPXImage() in\n coders/dpx.c (bsc#1140106).\n\n - CVE-2019-13135: Fixed the use of uninitialized values in ReadCUTImage()\n (bsc#1140103).\n\n - CVE-2019-12978: Fixed the use of uninitialized values in\n ReadPANGOImage() (bsc#1139885).\n\n - CVE-2019-12974: Fixed a NULL pointer dereference in the ReadPANGOImage()\n (bsc#1140111).\n\n - CVE-2019-13304: Fixed a stack-based buffer overflow at coders/pnm.c in\n WritePNMImage (bsc#1140547).\n\n - CVE-2019-13305: Fixed one more ...\n\n Description truncated. Please see the references for more information.\");\n\n script_tag(name:\"affected\", value:\"'ImageMagick' package(s) on openSUSE Leap 15.0.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap15.0\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"ImageMagick\", rpm:\"ImageMagick~7.0.7.34~lp150.2.38.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ImageMagick-config-7-SUSE\", rpm:\"ImageMagick-config-7-SUSE~7.0.7.34~lp150.2.38.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ImageMagick-config-7-upstream\", rpm:\"ImageMagick-config-7-upstream~7.0.7.34~lp150.2.38.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ImageMagick-debuginfo\", rpm:\"ImageMagick-debuginfo~7.0.7.34~lp150.2.38.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ImageMagick-debugsource\", rpm:\"ImageMagick-debugsource~7.0.7.34~lp150.2.38.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ImageMagick-devel\", rpm:\"ImageMagick-devel~7.0.7.34~lp150.2.38.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ImageMagick-extra\", rpm:\"ImageMagick-extra~7.0.7.34~lp150.2.38.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ImageMagick-extra-debuginfo\", rpm:\"ImageMagick-extra-debuginfo~7.0.7.34~lp150.2.38.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libMagick++-7_Q16HDRI4\", rpm:\"libMagick++-7_Q16HDRI4~7.0.7.34~lp150.2.38.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libMagick++-7_Q16HDRI4-debuginfo\", rpm:\"libMagick++-7_Q16HDRI4-debuginfo~7.0.7.34~lp150.2.38.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libMagick++-devel\", rpm:\"libMagick++-devel~7.0.7.34~lp150.2.38.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libMagickCore-7_Q16HDRI6\", rpm:\"libMagickCore-7_Q16HDRI6~7.0.7.34~lp150.2.38.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libMagickCore-7_Q16HDRI6-debuginfo\", rpm:\"libMagickCore-7_Q16HDRI6-debuginfo~7.0.7.34~lp150.2.38.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libMagickWand-7_Q16HDRI6\", rpm:\"libMagickWand-7_Q16HDRI6~7.0.7.34~lp150.2.38.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libMagickWand-7_Q16HDRI6-debuginfo\", rpm:\"libMagickWand-7_Q16HDRI6-debuginfo~7.0.7.34~lp150.2.38.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"perl-PerlMagick\", rpm:\"perl-PerlMagick~7.0.7.34~lp150.2.38.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"perl-PerlMagick-debuginfo\", rpm:\"perl-PerlMagick-debuginfo~7.0.7.34~lp150.2.38.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ImageMagick-devel-32bit\", rpm:\"ImageMagick-devel-32bit~7.0.7.34~lp150.2.38.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libMagick++-7_Q16HDRI4-32bit\", rpm:\"libMagick++-7_Q16HDRI4-32bit~7.0.7.34~lp150.2.38.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libMagick++-7_Q16HDRI4-32bit-debuginfo\", rpm:\"libMagick++-7_Q16HDRI4-32bit-debuginfo~7.0.7.34~lp150.2.38.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libMagick++-devel-32bit\", rpm:\"libMagick++-devel-32bit~7.0.7.34~lp150.2.38.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libMagickCore-7_Q16HDRI6-32bit\", rpm:\"libMagickCore-7_Q16HDRI6-32bit~7.0.7.34~lp150.2.38.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libMagickCore-7_Q16HDRI6-32bit-debuginfo\", rpm:\"libMagickCore-7_Q16HDRI6-32bit-debuginfo~7.0.7.34~lp150.2.38.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libMagickWand-7_Q16HDRI6-32bit\", rpm:\"libMagickWand-7_Q16HDRI6-32bit~7.0.7.34~lp150.2.38.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libMagickWand-7_Q16HDRI6-32bit-debuginfo\", rpm:\"libMagickWand-7_Q16HDRI6-32bit-debuginfo~7.0.7.34~lp150.2.38.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ImageMagick-doc\", rpm:\"ImageMagick-doc~7.0.7.34~lp150.2.38.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-29T19:27:11", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-13135", "CVE-2019-13297", "CVE-2019-13306", "CVE-2019-13304", "CVE-2019-12974", "CVE-2019-13295", "CVE-2019-13305"], "description": "The remote host is missing an update for the ", "modified": "2020-01-29T00:00:00", "published": "2019-08-17T00:00:00", "id": "OPENVAS:1361412562310891888", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310891888", "type": "openvas", "title": "Debian LTS: Security Advisory for imagemagick (DLA-1888-1)", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.891888\");\n script_version(\"2020-01-29T08:22:52+0000\");\n script_cve_id(\"CVE-2019-12974\", \"CVE-2019-13135\", \"CVE-2019-13295\", \"CVE-2019-13297\", \"CVE-2019-13304\", \"CVE-2019-13305\", \"CVE-2019-13306\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-29 08:22:52 +0000 (Wed, 29 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-08-17 02:00:15 +0000 (Sat, 17 Aug 2019)\");\n script_name(\"Debian LTS: Security Advisory for imagemagick (DLA-1888-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB8\");\n\n script_xref(name:\"URL\", value:\"https://lists.debian.org/debian-lts-announce/2019/08/msg00021.html\");\n script_xref(name:\"URL\", value:\"https://security-tracker.debian.org/tracker/DLA-1888-1\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'imagemagick'\n package(s) announced via the DLA-1888-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple vulnerabilities have been found in imagemagick, an image processing\ntoolkit.\n\nCVE-2019-12974\n\nNULL pointer dereference in ReadPANGOImage and ReadVIDImage (coders/pango.c\nand coders/vid.c). This vulnerability might be leveraged by remote attackers\nto cause denial of service via crafted image data.\n\nCVE-2019-13135\n\nMultiple use of uninitialized values in ReadCUTImage, UnpackWPG2Raster and\nUnpackWPGRaster (coders/wpg.c and coders/cut.c). These vulnerabilities might\nbe leveraged by remote attackers to cause denial of service or unauthorized\ndisclosure or modification of information via crafted image data.\n\nCVE-2019-13295, CVE-2019-13297\n\nMultiple heap buffer over-reads in AdaptiveThresholdImage\n(magick/threshold.c). These vulnerabilities might be leveraged by remote\nattackers to cause denial of service or unauthorized disclosure or\nmodification of information via crafted image data.\n\nCVE-2019-13304, CVE-2019-13305, CVE-2019-13306\n\nMultiple stack buffer overflows in WritePNMImage (coders/pnm.c), leading to\nstack buffer over write up to ten bytes. Remote attackers might leverage\nthese flaws to potentially perform code execution or denial of service.\");\n\n script_tag(name:\"affected\", value:\"'imagemagick' package(s) on Debian Linux.\");\n\n script_tag(name:\"solution\", value:\"For Debian 8 'Jessie', these problems have been fixed in version\n8:6.8.9.9-5+deb8u17.\n\nWe recommend that you upgrade your imagemagick packages.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"imagemagick\", ver:\"8:6.8.9.9-5+deb8u17\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"imagemagick-6.q16\", ver:\"8:6.8.9.9-5+deb8u17\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"imagemagick-common\", ver:\"8:6.8.9.9-5+deb8u17\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"imagemagick-dbg\", ver:\"8:6.8.9.9-5+deb8u17\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"imagemagick-doc\", ver:\"8:6.8.9.9-5+deb8u17\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libimage-magick-perl\", ver:\"8:6.8.9.9-5+deb8u17\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libimage-magick-q16-perl\", ver:\"8:6.8.9.9-5+deb8u17\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libmagick++-6-headers\", ver:\"8:6.8.9.9-5+deb8u17\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libmagick++-6.q16-5\", ver:\"8:6.8.9.9-5+deb8u17\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libmagick++-6.q16-dev\", ver:\"8:6.8.9.9-5+deb8u17\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libmagick++-dev\", ver:\"8:6.8.9.9-5+deb8u17\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libmagickcore-6-arch-config\", ver:\"8:6.8.9.9-5+deb8u17\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libmagickcore-6-headers\", ver:\"8:6.8.9.9-5+deb8u17\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libmagickcore-6.q16-2\", ver:\"8:6.8.9.9-5+deb8u17\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libmagickcore-6.q16-2-extra\", ver:\"8:6.8.9.9-5+deb8u17\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libmagickcore-6.q16-dev\", ver:\"8:6.8.9.9-5+deb8u17\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libmagickcore-dev\", ver:\"8:6.8.9.9-5+deb8u17\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libmagickwand-6-headers\", ver:\"8:6.8.9.9-5+deb8u17\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libmagickwand-6.q16-2\", ver:\"8:6.8.9.9-5+deb8u17\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libmagickwand-6.q16-dev\", ver:\"8:6.8.9.9-5+deb8u17\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libmagickwand-dev\", ver:\"8:6.8.9.9-5+deb8u17\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"perlmagick\", ver:\"8:6.8.9.9-5+deb8u17\", rls:\"DEB8\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}\n\nexit(0);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-07-21T20:05:12", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-13300", "CVE-2019-13306", "CVE-2019-13307", "CVE-2019-13304", "CVE-2019-19948", "CVE-2019-15140"], "description": "The remote host is missing an update for the ", "modified": "2020-07-08T00:00:00", "published": "2020-07-04T00:00:00", "id": "OPENVAS:1361412562310704715", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310704715", "type": "openvas", "title": "Debian: Security Advisory for imagemagick (DSA-4715-1)", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.704715\");\n script_version(\"2020-07-08T07:05:43+0000\");\n script_cve_id(\"CVE-2019-13300\", \"CVE-2019-13304\", \"CVE-2019-13306\", \"CVE-2019-13307\", \"CVE-2019-15140\", \"CVE-2019-19948\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-07-08 07:05:43 +0000 (Wed, 08 Jul 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-07-04 03:11:30 +0000 (Sat, 04 Jul 2020)\");\n script_name(\"Debian: Security Advisory for imagemagick (DSA-4715-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB9\");\n\n script_xref(name:\"URL\", value:\"https://www.debian.org/security/2020/dsa-4715.html\");\n script_xref(name:\"URL\", value:\"https://security-tracker.debian.org/tracker/DSA-4715-1\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'imagemagick'\n package(s) announced via the DSA-4715-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update fixes multiple vulnerabilities in Imagemagick: Various memory\nhandling problems and cases of missing or incomplete input sanitising\nmay result in denial of service, memory disclosure or potentially the\nexecution of arbitrary code if malformed image files are processed.\");\n\n script_tag(name:\"affected\", value:\"'imagemagick' package(s) on Debian Linux.\");\n\n script_tag(name:\"solution\", value:\"For the oldstable distribution (stretch), these problems have been fixed\nin version 8:6.9.7.4+dfsg-11+deb9u8.\n\nWe recommend that you upgrade your imagemagick packages.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"imagemagick\", ver:\"8:6.9.7.4+dfsg-11+deb9u8\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"imagemagick-6-common\", ver:\"8:6.9.7.4+dfsg-11+deb9u8\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"imagemagick-6-doc\", ver:\"8:6.9.7.4+dfsg-11+deb9u8\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"imagemagick-6.q16\", ver:\"8:6.9.7.4+dfsg-11+deb9u8\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"imagemagick-6.q16hdri\", ver:\"8:6.9.7.4+dfsg-11+deb9u8\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"imagemagick-common\", ver:\"8:6.9.7.4+dfsg-11+deb9u8\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"imagemagick-doc\", ver:\"8:6.9.7.4+dfsg-11+deb9u8\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libimage-magick-perl\", ver:\"8:6.9.7.4+dfsg-11+deb9u8\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libimage-magick-q16-perl\", ver:\"8:6.9.7.4+dfsg-11+deb9u8\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libimage-magick-q16hdri-perl\", ver:\"8:6.9.7.4+dfsg-11+deb9u8\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libmagick++-6-headers\", ver:\"8:6.9.7.4+dfsg-11+deb9u8\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libmagick++-6.q16-7\", ver:\"8:6.9.7.4+dfsg-11+deb9u8\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libmagick++-6.q16-dev\", ver:\"8:6.9.7.4+dfsg-11+deb9u8\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libmagick++-6.q16hdri-7\", ver:\"8:6.9.7.4+dfsg-11+deb9u8\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libmagick++-6.q16hdri-dev\", ver:\"8:6.9.7.4+dfsg-11+deb9u8\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libmagick++-dev\", ver:\"8:6.9.7.4+dfsg-11+deb9u8\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libmagickcore-6-arch-config\", ver:\"8:6.9.7.4+dfsg-11+deb9u8\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libmagickcore-6-headers\", ver:\"8:6.9.7.4+dfsg-11+deb9u8\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libmagickcore-6.q16-3\", ver:\"8:6.9.7.4+dfsg-11+deb9u8\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libmagickcore-6.q16-3-extra\", ver:\"8:6.9.7.4+dfsg-11+deb9u8\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libmagickcore-6.q16-dev\", ver:\"8:6.9.7.4+dfsg-11+deb9u8\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libmagickcore-6.q16hdri-3\", ver:\"8:6.9.7.4+dfsg-11+deb9u8\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libmagickcore-6.q16hdri-3-extra\", ver:\"8:6.9.7.4+dfsg-11+deb9u8\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libmagickcore-6.q16hdri-dev\", ver:\"8:6.9.7.4+dfsg-11+deb9u8\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libmagickcore-dev\", ver:\"8:6.9.7.4+dfsg-11+deb9u8\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libmagickwand-6-headers\", ver:\"8:6.9.7.4+dfsg-11+deb9u8\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libmagickwand-6.q16-3\", ver:\"8:6.9.7.4+dfsg-11+deb9u8\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libmagickwand-6.q16-dev\", ver:\"8:6.9.7.4+dfsg-11+deb9u8\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libmagickwand-6.q16hdri-3\", ver:\"8:6.9.7.4+dfsg-11+deb9u8\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libmagickwand-6.q16hdri-dev\", ver:\"8:6.9.7.4+dfsg-11+deb9u8\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libmagickwand-dev\", ver:\"8:6.9.7.4+dfsg-11+deb9u8\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"perlmagick\", ver:\"8:6.9.7.4+dfsg-11+deb9u8\", rls:\"DEB9\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}\n\nexit(0);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-29T19:29:08", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-14981", "CVE-2019-11470", "CVE-2019-15140", "CVE-2019-15139"], "description": "The remote host is missing an update for the ", "modified": "2020-01-29T00:00:00", "published": "2019-10-22T00:00:00", "id": "OPENVAS:1361412562310891968", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310891968", "type": "openvas", "title": "Debian LTS: Security Advisory for imagemagick (DLA-1968-1)", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.891968\");\n script_version(\"2020-01-29T08:22:52+0000\");\n script_cve_id(\"CVE-2019-11470\", \"CVE-2019-14981\", \"CVE-2019-15139\", \"CVE-2019-15140\");\n script_tag(name:\"cvss_base\", value:\"7.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-01-29 08:22:52 +0000 (Wed, 29 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-10-22 02:00:35 +0000 (Tue, 22 Oct 2019)\");\n script_name(\"Debian LTS: Security Advisory for imagemagick (DLA-1968-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB8\");\n\n script_xref(name:\"URL\", value:\"https://lists.debian.org/debian-lts-announce/2019/10/msg00028.html\");\n script_xref(name:\"URL\", value:\"https://security-tracker.debian.org/tracker/DLA-1968-1\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'imagemagick'\n package(s) announced via the DLA-1968-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple vulnerabilities have been found in imagemagick, an image processing\ntoolkit.\n\nCVE-2019-11470\n\nUncontrolled resource consumption caused by insufficiently sanitized image\nsize in ReadCINImage (coders/cin.c). This vulnerability might be leveraged\nby remote attackers to cause denial of service via a crafted Cineon image.\n\nCVE-2019-14981\n\nDivide-by-zero vulnerability in MeanShiftImage (magick/feature.c). This\nvulnerability might be leveraged by remote attackers to cause denial of\nservice via crafted image data.\n\nCVE-2019-15139\n\nOut-of-bounds read in ReadXWDImage (coders/xwd.c). This vulnerability might\nbe leveraged by remote attackers to cause denial of service via a crafted\nXWD (X Window System window dumping file) image file.\n\nCVE-2019-15140\n\nBound checking issue in ReadMATImage (coders/mat.c), potentially leading to\nuse-after-free. This vulnerability might be leveraged by remote attackers to\ncause denial of service or any other unspecified impact via a crafted MAT\nimage file.\");\n\n script_tag(name:\"affected\", value:\"'imagemagick' package(s) on Debian Linux.\");\n\n script_tag(name:\"solution\", value:\"For Debian 8 'Jessie', these problems have been fixed in version\n8:6.8.9.9-5+deb8u18.\n\nWe recommend that you upgrade your imagemagick packages.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"imagemagick\", ver:\"8:6.8.9.9-5+deb8u18\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"imagemagick-6.q16\", ver:\"8:6.8.9.9-5+deb8u18\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"imagemagick-common\", ver:\"8:6.8.9.9-5+deb8u18\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"imagemagick-dbg\", ver:\"8:6.8.9.9-5+deb8u18\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"imagemagick-doc\", ver:\"8:6.8.9.9-5+deb8u18\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libimage-magick-perl\", ver:\"8:6.8.9.9-5+deb8u18\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libimage-magick-q16-perl\", ver:\"8:6.8.9.9-5+deb8u18\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libmagick++-6-headers\", ver:\"8:6.8.9.9-5+deb8u18\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libmagick++-6.q16-5\", ver:\"8:6.8.9.9-5+deb8u18\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libmagick++-6.q16-dev\", ver:\"8:6.8.9.9-5+deb8u18\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libmagick++-dev\", ver:\"8:6.8.9.9-5+deb8u18\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libmagickcore-6-arch-config\", ver:\"8:6.8.9.9-5+deb8u18\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libmagickcore-6-headers\", ver:\"8:6.8.9.9-5+deb8u18\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libmagickcore-6.q16-2\", ver:\"8:6.8.9.9-5+deb8u18\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libmagickcore-6.q16-2-extra\", ver:\"8:6.8.9.9-5+deb8u18\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libmagickcore-6.q16-dev\", ver:\"8:6.8.9.9-5+deb8u18\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libmagickcore-dev\", ver:\"8:6.8.9.9-5+deb8u18\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libmagickwand-6-headers\", ver:\"8:6.8.9.9-5+deb8u18\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libmagickwand-6.q16-2\", ver:\"8:6.8.9.9-5+deb8u18\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libmagickwand-6.q16-dev\", ver:\"8:6.8.9.9-5+deb8u18\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libmagickwand-dev\", ver:\"8:6.8.9.9-5+deb8u18\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"perlmagick\", ver:\"8:6.8.9.9-5+deb8u18\", rls:\"DEB8\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}\n\nexit(0);\n", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}], "debian": [{"lastseen": "2020-08-12T01:03:11", "bulletinFamily": "unix", "cvelist": ["CVE-2019-13300", "CVE-2019-13135", "CVE-2019-19949", "CVE-2019-13297", "CVE-2019-16713", "CVE-2019-7175", "CVE-2019-13311", "CVE-2019-13309", "CVE-2019-13137", "CVE-2019-13301", "CVE-2019-12976", "CVE-2019-16710", "CVE-2019-13307", "CVE-2019-13304", "CVE-2019-12978", "CVE-2019-11598", "CVE-2019-7395", "CVE-2019-16711", "CVE-2019-7396", "CVE-2019-7398", "CVE-2019-13308", "CVE-2019-13454", "CVE-2019-12974", "CVE-2019-12977", "CVE-2019-13295", "CVE-2019-11597", "CVE-2019-12979", "CVE-2019-16708", "CVE-2019-13305", "CVE-2019-14981", "CVE-2019-12975", "CVE-2019-11472", "CVE-2019-10649", "CVE-2019-11470", "CVE-2019-19948", "CVE-2019-15140", "CVE-2019-15139", "CVE-2019-7397"], "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-4712-1 security@debian.org\nhttps://www.debian.org/security/ Moritz Muehlenhoff\nJune 30, 2020 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : imagemagick\nCVE ID : CVE-2019-7175 CVE-2019-7395 CVE-2019-7396 CVE-2019-7397 \n CVE-2019-7398 CVE-2019-10649 CVE-2019-11470 CVE-2019-11472 \n CVE-2019-11597 CVE-2019-11598 CVE-2019-12974 CVE-2019-12975 \n CVE-2019-12976 CVE-2019-12977 CVE-2019-12978 CVE-2019-12979 \n CVE-2019-13135 CVE-2019-13137 CVE-2019-13295 CVE-2019-13297 \n CVE-2019-13300 CVE-2019-13301 CVE-2019-13304 CVE-2019-13305 \n CVE-2019-13307 CVE-2019-13308 CVE-2019-13309 CVE-2019-13311 \n CVE-2019-13454 CVE-2019-14981 CVE-2019-15139 CVE-2019-15140 \n CVE-2019-16708 CVE-2019-16710 CVE-2019-16711 CVE-2019-16713 \n CVE-2019-19948 CVE-2019-19949\n\nThis update fixes multiple vulnerabilities in Imagemagick: Various memory\nhandling problems and cases of missing or incomplete input sanitising\nmay result in denial of service, memory disclosure or potentially the\nexecution of arbitrary code if malformed image files are processed.\n\nFor the stable distribution (buster), these problems have been fixed in\nversion 8:6.9.10.23+dfsg-2.1+deb10u1.\n\nWe recommend that you upgrade your imagemagick packages.\n\nFor the detailed security status of imagemagick please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/imagemagick\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "edition": 5, "modified": "2020-06-30T20:32:11", "published": "2020-06-30T20:32:11", "id": "DEBIAN:DSA-4712-1:143FB", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2020/msg00116.html", "title": "[SECURITY] [DSA 4712-1] imagemagick security update", "type": "debian", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-08-12T00:56:27", "bulletinFamily": "unix", "cvelist": ["CVE-2019-13135", "CVE-2019-13297", "CVE-2019-13306", "CVE-2019-13304", "CVE-2019-12974", "CVE-2019-13295", "CVE-2019-13305"], "description": "Package : imagemagick\nVersion : 8:6.8.9.9-5+deb8u17\nCVE ID : CVE-2019-12974 CVE-2019-13135 CVE-2019-13295 CVE-2019-13297 \n CVE-2019-13304 CVE-2019-13305 CVE-2019-13306\n\nMultiple vulnerabilities have been found in imagemagick, an image processing\ntoolkit.\n\nCVE-2019-12974\n\n NULL pointer dereference in ReadPANGOImage and ReadVIDImage (coders/pango.c\n and coders/vid.c). This vulnerability might be leveraged by remote attackers\n to cause denial of service via crafted image data.\n\nCVE-2019-13135\n\n Multiple use of uninitialized values in ReadCUTImage, UnpackWPG2Raster and\n UnpackWPGRaster (coders/wpg.c and coders/cut.c). These vulnerabilities might\n be leveraged by remote attackers to cause denial of service or unauthorized\n disclosure or modification of information via crafted image data.\n\nCVE-2019-13295, CVE-2019-13297\n\n Multiple heap buffer over-reads in AdaptiveThresholdImage\n (magick/threshold.c). These vulnerabilities might be leveraged by remote\n attackers to cause denial of service or unauthorized disclosure or\n modification of information via crafted image data.\n\nCVE-2019-13304, CVE-2019-13305, CVE-2019-13306\n\n Multiple stack buffer overflows in WritePNMImage (coders/pnm.c), leading to\n stack buffer over write up to ten bytes. Remote attackers might leverage\n these flaws to potentially perform code execution or denial of service.\n\nFor Debian 8 "Jessie", these problems have been fixed in version\n8:6.8.9.9-5+deb8u17.\n\nWe recommend that you upgrade your imagemagick packages.\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS\n", "edition": 5, "modified": "2019-08-16T14:14:39", "published": "2019-08-16T14:14:39", "id": "DEBIAN:DLA-1888-1:33F1E", "href": "https://lists.debian.org/debian-lts-announce/2019/debian-lts-announce-201908/msg00021.html", "title": "[SECURITY] [DLA 1888-1] imagemagick security update", "type": "debian", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-08-12T01:09:45", "bulletinFamily": "unix", "cvelist": ["CVE-2019-13300", "CVE-2019-13306", "CVE-2019-13307", "CVE-2019-13304", "CVE-2019-19948", "CVE-2019-15140"], "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-4715-1 security@debian.org\nhttps://www.debian.org/security/ Moritz Muehlenhoff\nJuly 02, 2020 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : imagemagick\nCVE ID : CVE-2019-13300 CVE-2019-13304 CVE-2019-13306 CVE-2019-13307 \n CVE-2019-15140 CVE-2019-19948\n\nThis update fixes multiple vulnerabilities in Imagemagick: Various memory\nhandling problems and cases of missing or incomplete input sanitising\nmay result in denial of service, memory disclosure or potentially the\nexecution of arbitrary code if malformed image files are processed.\n \nFor the oldstable distribution (stretch), these problems have been fixed\nin version 8:6.9.7.4+dfsg-11+deb9u8.\n\nWe recommend that you upgrade your imagemagick packages.\n\nFor the detailed security status of imagemagick please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/imagemagick\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "edition": 5, "modified": "2020-07-02T18:35:07", "published": "2020-07-02T18:35:07", "id": "DEBIAN:DSA-4715-1:91257", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2020/msg00119.html", "title": "[SECURITY] [DSA 4715-1] imagemagick security update", "type": "debian", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-08-12T01:00:56", "bulletinFamily": "unix", "cvelist": ["CVE-2019-14981", "CVE-2019-11470", "CVE-2019-15140", "CVE-2019-15139"], "description": "Package : imagemagick\nVersion : 8:6.8.9.9-5+deb8u18\nCVE ID : CVE-2019-11470 CVE-2019-14981 CVE-2019-15139 CVE-2019-15140\n\nMultiple vulnerabilities have been found in imagemagick, an image processing\ntoolkit.\n\nCVE-2019-11470\n\n Uncontrolled resource consumption caused by insufficiently sanitized image\n size in ReadCINImage (coders/cin.c). This vulnerability might be leveraged\n by remote attackers to cause denial of service via a crafted Cineon image.\n\nCVE-2019-14981\n\n Divide-by-zero vulnerability in MeanShiftImage (magick/feature.c). This\n vulnerability might be leveraged by remote attackers to cause denial of\n service via crafted image data.\n\nCVE-2019-15139\n\n Out-of-bounds read in ReadXWDImage (coders/xwd.c). This vulnerability might\n be leveraged by remote attackers to cause denial of service via a crafted\n XWD (X Window System window dumping file) image file.\n\nCVE-2019-15140\n\n Bound checking issue in ReadMATImage (coders/mat.c), potentially leading to\n use-after-free. This vulnerability might be leveraged by remote attackers to\n cause denial of service or any other unspecified impact via a crafted MAT\n image file.\n\nFor Debian 8 "Jessie", these problems have been fixed in version\n8:6.8.9.9-5+deb8u18.\n\nWe recommend that you upgrade your imagemagick packages.\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS\n", "edition": 5, "modified": "2019-10-21T09:07:46", "published": "2019-10-21T09:07:46", "id": "DEBIAN:DLA-1968-1:A7B91", "href": "https://lists.debian.org/debian-lts-announce/2019/debian-lts-announce-201910/msg00028.html", "title": "[SECURITY] [DLA 1968-1] imagemagick security update", "type": "debian", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-08-19T12:56:29", "bulletinFamily": "unix", "cvelist": ["CVE-2019-19949", "CVE-2019-13297", "CVE-2018-18024", "CVE-2018-7443", "CVE-2017-18252", "CVE-2018-9133", "CVE-2018-10177", "CVE-2019-10131", "CVE-2019-12978", "CVE-2017-17681", "CVE-2018-14551", "CVE-2017-12805", "CVE-2019-13454", "CVE-2018-20467", "CVE-2019-12974", "CVE-2019-12977", "CVE-2019-13295", "CVE-2018-8804", "CVE-2019-11597", "CVE-2019-12979", "CVE-2019-14981", "CVE-2019-11472", "CVE-2019-11470", "CVE-2018-8960"], "description": "- -------------------------------------------------------------------------\nDebian LTS Advisory DLA-2333-1 debian-lts@lists.debian.org\nhttps://www.debian.org/lts/security/ Markus Koschany\nAugust 18, 2020 https://wiki.debian.org/LTS\n- -------------------------------------------------------------------------\n\nPackage : imagemagick\nVersion : 8:6.9.7.4+dfsg-11+deb9u9\nCVE ID : CVE-2017-12805 CVE-2017-17681 CVE-2017-18252\n CVE-2018-7443 CVE-2018-8804 CVE-2018-8960\n CVE-2018-9133 CVE-2018-10177 CVE-2018-14551\n CVE-2018-18024 CVE-2018-20467 CVE-2019-10131\n CVE-2019-11472 CVE-2019-11597 CVE-2019-12974\n CVE-2019-12977 CVE-2019-12978 CVE-2019-12979\n CVE-2019-13295 CVE-2019-13297 CVE-2019-11470\n CVE-2019-13454 CVE-2019-14981 CVE-2019-19949\nDebian Bug : 885941 891291 894848 896018 904713 917326 928207 931196\n 931191 931190 931189 931457 927830 931740 955025\n947309\n\nSeveral security vulnerabilities were fixed in Imagemagick. Various\nmemory handling problems and cases of missing or incomplete input\nsanitizing may result in denial of service, memory or CPU exhaustion,\ninformation disclosure or potentially the execution of arbitrary code\nwhen a malformed image file is processed.\n\nFor Debian 9 stretch, these problems have been fixed in version\n8:6.9.7.4+dfsg-11+deb9u9.\n\nWe recommend that you upgrade your imagemagick packages.\n\nFor the detailed security status of imagemagick please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/imagemagick\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS\n", "edition": 1, "modified": "2020-08-18T23:31:23", "published": "2020-08-18T23:31:23", "id": "DEBIAN:DLA-2333-1:FD35B", "href": "https://lists.debian.org/debian-lts-announce/2020/debian-lts-announce-202008/msg00030.html", "title": "[SECURITY] [DLA 2333-1] imagemagick security update", "type": "debian", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "cloudfoundry": [{"lastseen": "2019-11-19T05:24:24", "bulletinFamily": "software", "cvelist": ["CVE-2019-13300", "CVE-2019-13135", "CVE-2019-13297", "CVE-2019-16713", "CVE-2019-13311", "CVE-2019-13309", "CVE-2019-13137", "CVE-2019-13301", "CVE-2019-12976", "CVE-2019-13306", "CVE-2019-16710", "CVE-2019-13307", "CVE-2019-13304", "CVE-2019-12978", "CVE-2019-16711", "CVE-2019-13310", "CVE-2019-13308", "CVE-2019-13454", "CVE-2019-12974", "CVE-2019-12977", "CVE-2019-13295", "CVE-2019-12979", "CVE-2019-16708", "CVE-2019-13305", "CVE-2019-14981", "CVE-2019-12975", "CVE-2019-13391", "CVE-2019-16709", "CVE-2019-15140", "CVE-2019-15139"], "description": "# \n\n## Severity\n\nMedium\n\n## Vendor\n\nCanonical Ubuntu\n\n## Versions Affected\n\n * Canonical Ubuntu 18.04\n\n## Description\n\nIt was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service or possibly execute code with the privileges of the user invoking the program.\n\nCVEs contained in this USN include: CVE-2019-12974, CVE-2019-12975, CVE-2019-12976, CVE-2019-12977, CVE-2019-12978, CVE-2019-12979, CVE-2019-13135, CVE-2019-13137, CVE-2019-13295, CVE-2019-13297, CVE-2019-13300, CVE-2019-13301, CVE-2019-13304, CVE-2019-13305, CVE-2019-13306, CVE-2019-13307, CVE-2019-13308, CVE-2019-13309, CVE-2019-13310, CVE-2019-13311, CVE-2019-13391, CVE-2019-13454, CVE-2019-14981, CVE-2019-15139, CVE-2019-15140, CVE-2019-16708, CVE-2019-16709, CVE-2019-16710, CVE-2019-16711, CVE-2019-16713\n\n## Affected Cloud Foundry Products and Versions\n\n_Severity is medium unless otherwise noted._\n\n * All versions of Cloud Foundry cflinuxfs3 prior to 0.144.0\n\n## Mitigation\n\nUsers of affected products are strongly encouraged to follow one of the mitigations below:\n\n * The Cloud Foundry project recommends that Cloud Foundry deployments run with cflinuxfs3 version 0.144.0 or later.\n\n## References\n\n * [USN-4192-1](<https://usn.ubuntu.com/4192-1>)\n * [CVE-2019-12974](<https://people.canonical.com/~ubuntu-security/cve/CVE-2019-12974>)\n * [CVE-2019-12975](<https://people.canonical.com/~ubuntu-security/cve/CVE-2019-12975>)\n * [CVE-2019-12976](<https://people.canonical.com/~ubuntu-security/cve/CVE-2019-12976>)\n * [CVE-2019-12977](<https://people.canonical.com/~ubuntu-security/cve/CVE-2019-12977>)\n * [CVE-2019-12978](<https://people.canonical.com/~ubuntu-security/cve/CVE-2019-12978>)\n * [CVE-2019-12979](<https://people.canonical.com/~ubuntu-security/cve/CVE-2019-12979>)\n * [CVE-2019-13135](<https://people.canonical.com/~ubuntu-security/cve/CVE-2019-13135>)\n * [CVE-2019-13137](<https://people.canonical.com/~ubuntu-security/cve/CVE-2019-13137>)\n * [CVE-2019-13295](<https://people.canonical.com/~ubuntu-security/cve/CVE-2019-13295>)\n * [CVE-2019-13297](<https://people.canonical.com/~ubuntu-security/cve/CVE-2019-13297>)\n * [CVE-2019-13300](<https://people.canonical.com/~ubuntu-security/cve/CVE-2019-13300>)\n * [CVE-2019-13301](<https://people.canonical.com/~ubuntu-security/cve/CVE-2019-13301>)\n * [CVE-2019-13304](<https://people.canonical.com/~ubuntu-security/cve/CVE-2019-13304>)\n * [CVE-2019-13305](<https://people.canonical.com/~ubuntu-security/cve/CVE-2019-13305>)\n * [CVE-2019-13306](<https://people.canonical.com/~ubuntu-security/cve/CVE-2019-13306>)\n * [CVE-2019-13307](<https://people.canonical.com/~ubuntu-security/cve/CVE-2019-13307>)\n * [CVE-2019-13308](<https://people.canonical.com/~ubuntu-security/cve/CVE-2019-13308>)\n * [CVE-2019-13309](<https://people.canonical.com/~ubuntu-security/cve/CVE-2019-13309>)\n * [CVE-2019-13310](<https://people.canonical.com/~ubuntu-security/cve/CVE-2019-13310>)\n * [CVE-2019-13311](<https://people.canonical.com/~ubuntu-security/cve/CVE-2019-13311>)\n * [CVE-2019-13391](<https://people.canonical.com/~ubuntu-security/cve/CVE-2019-13391>)\n * [CVE-2019-13454](<https://people.canonical.com/~ubuntu-security/cve/CVE-2019-13454>)\n * [CVE-2019-14981](<https://people.canonical.com/~ubuntu-security/cve/CVE-2019-14981>)\n * [CVE-2019-15139](<https://people.canonical.com/~ubuntu-security/cve/CVE-2019-15139>)\n * [CVE-2019-15140](<https://people.canonical.com/~ubuntu-security/cve/CVE-2019-15140>)\n * [CVE-2019-16708](<https://people.canonical.com/~ubuntu-security/cve/CVE-2019-16708>)\n * [CVE-2019-16709](<https://people.canonical.com/~ubuntu-security/cve/CVE-2019-16709>)\n * [CVE-2019-16710](<https://people.canonical.com/~ubuntu-security/cve/CVE-2019-16710>)\n * [CVE-2019-16711](<https://people.canonical.com/~ubuntu-security/cve/CVE-2019-16711>)\n * [CVE-2019-16713](<https://people.canonical.com/~ubuntu-security/cve/CVE-2019-16713>)\n", "edition": 1, "modified": "2019-11-18T00:00:00", "published": "2019-11-18T00:00:00", "id": "CFOUNDRY:5C35631CC00210C3F6C3054F4CBB7D35", "href": "https://www.cloudfoundry.org/blog/usn-4192-1/", "title": "USN-4192-1: ImageMagick vulnerabilities | Cloud Foundry", "type": "cloudfoundry", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "nessus": [{"lastseen": "2020-09-18T11:02:28", "description": "It was discovered that ImageMagick incorrectly handled certain\nmalformed image files. If a user or automated system using ImageMagick\nwere tricked into opening a specially crafted image, an attacker could\nexploit this to cause a denial of service or possibly execute code\nwith the privileges of the user invoking the program.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 13, "cvss3": {"score": 8.8, "vector": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2019-11-15T00:00:00", "title": "Ubuntu 16.04 LTS / 18.04 LTS / 19.04 / 19.10 : ImageMagick vulnerabilities (USN-4192-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-13300", "CVE-2019-13135", "CVE-2019-13297", "CVE-2019-16713", "CVE-2019-13311", "CVE-2019-13309", "CVE-2019-13137", "CVE-2019-13301", "CVE-2019-12976", "CVE-2019-13306", "CVE-2019-16710", "CVE-2019-13307", "CVE-2019-13304", "CVE-2019-12978", "CVE-2019-16711", "CVE-2019-13310", "CVE-2019-13308", "CVE-2019-13454", "CVE-2019-12974", "CVE-2019-12977", "CVE-2019-13295", "CVE-2019-12979", "CVE-2019-16708", "CVE-2019-13305", "CVE-2019-14981", "CVE-2019-12975", "CVE-2019-13391", "CVE-2019-16709", "CVE-2019-15140", "CVE-2019-15139"], "modified": "2019-11-15T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:imagemagick", "p-cpe:/a:canonical:ubuntu_linux:libmagickcore-6.q16-6", "cpe:/o:canonical:ubuntu_linux:16.04", "cpe:/o:canonical:ubuntu_linux:18.04:-:lts", "cpe:/o:canonical:ubuntu_linux:19.04", "p-cpe:/a:canonical:ubuntu_linux:imagemagick-6.q16", "p-cpe:/a:canonical:ubuntu_linux:libmagick++-6.q16-8", "p-cpe:/a:canonical:ubuntu_linux:libmagick++-6.q16-5v5", "p-cpe:/a:canonical:ubuntu_linux:libmagickcore-6.q16-3-extra", "cpe:/o:canonical:ubuntu_linux:19.10", "p-cpe:/a:canonical:ubuntu_linux:libmagick++-6.q16-7", "p-cpe:/a:canonical:ubuntu_linux:libmagickcore-6.q16-6-extra", "p-cpe:/a:canonical:ubuntu_linux:libmagickcore-6.q16-3", "p-cpe:/a:canonical:ubuntu_linux:libmagickcore-6.q16-2", "p-cpe:/a:canonical:ubuntu_linux:libmagickcore-6.q16-2-extra"], "id": "UBUNTU_USN-4192-1.NASL", "href": "https://www.tenable.com/plugins/nessus/131072", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-4192-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(131072);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/09/17\");\n\n script_cve_id(\"CVE-2019-12974\", \"CVE-2019-12975\", \"CVE-2019-12976\", \"CVE-2019-12977\", \"CVE-2019-12978\", \"CVE-2019-12979\", \"CVE-2019-13135\", \"CVE-2019-13137\", \"CVE-2019-13295\", \"CVE-2019-13297\", \"CVE-2019-13300\", \"CVE-2019-13301\", \"CVE-2019-13304\", \"CVE-2019-13305\", \"CVE-2019-13306\", \"CVE-2019-13307\", \"CVE-2019-13308\", \"CVE-2019-13309\", \"CVE-2019-13310\", \"CVE-2019-13311\", \"CVE-2019-13391\", \"CVE-2019-13454\", \"CVE-2019-14981\", \"CVE-2019-15139\", \"CVE-2019-15140\", \"CVE-2019-16708\", \"CVE-2019-16709\", \"CVE-2019-16710\", \"CVE-2019-16711\", \"CVE-2019-16713\");\n script_xref(name:\"USN\", value:\"4192-1\");\n script_xref(name:\"IAVB\", value:\"2019-B-0062-S\");\n\n script_name(english:\"Ubuntu 16.04 LTS / 18.04 LTS / 19.04 / 19.10 : ImageMagick vulnerabilities (USN-4192-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"It was discovered that ImageMagick incorrectly handled certain\nmalformed image files. If a user or automated system using ImageMagick\nwere tricked into opening a specially crafted image, an attacker could\nexploit this to cause a denial of service or possibly execute code\nwith the privileges of the user invoking the program.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/4192-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:imagemagick\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:imagemagick-6.q16\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libmagick++-6.q16-5v5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libmagick++-6.q16-7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libmagick++-6.q16-8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libmagickcore-6.q16-2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libmagickcore-6.q16-2-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libmagickcore-6.q16-3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libmagickcore-6.q16-3-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libmagickcore-6.q16-6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libmagickcore-6.q16-6-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:18.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:19.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:19.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/06/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/11/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/11/15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2019-2020 Canonical, Inc. / NASL script (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(16\\.04|18\\.04|19\\.04|19\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 16.04 / 18.04 / 19.04 / 19.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"16.04\", pkgname:\"imagemagick\", pkgver:\"8:6.8.9.9-7ubuntu5.15\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"imagemagick-6.q16\", pkgver:\"8:6.8.9.9-7ubuntu5.15\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"libmagick++-6.q16-5v5\", pkgver:\"8:6.8.9.9-7ubuntu5.15\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"libmagickcore-6.q16-2\", pkgver:\"8:6.8.9.9-7ubuntu5.15\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"libmagickcore-6.q16-2-extra\", pkgver:\"8:6.8.9.9-7ubuntu5.15\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"imagemagick\", pkgver:\"8:6.9.7.4+dfsg-16ubuntu6.8\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"imagemagick-6.q16\", pkgver:\"8:6.9.7.4+dfsg-16ubuntu6.8\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"libmagick++-6.q16-7\", pkgver:\"8:6.9.7.4+dfsg-16ubuntu6.8\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"libmagickcore-6.q16-3\", pkgver:\"8:6.9.7.4+dfsg-16ubuntu6.8\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"libmagickcore-6.q16-3-extra\", pkgver:\"8:6.9.7.4+dfsg-16ubuntu6.8\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"imagemagick\", pkgver:\"8:6.9.10.14+dfsg-7ubuntu2.3\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"imagemagick-6.q16\", pkgver:\"8:6.9.10.14+dfsg-7ubuntu2.3\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"libmagick++-6.q16-8\", pkgver:\"8:6.9.10.14+dfsg-7ubuntu2.3\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"libmagickcore-6.q16-6\", pkgver:\"8:6.9.10.14+dfsg-7ubuntu2.3\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"libmagickcore-6.q16-6-extra\", pkgver:\"8:6.9.10.14+dfsg-7ubuntu2.3\")) flag++;\nif (ubuntu_check(osver:\"19.10\", pkgname:\"imagemagick\", pkgver:\"8:6.9.10.23+dfsg-2.1ubuntu3.1\")) flag++;\nif (ubuntu_check(osver:\"19.10\", pkgname:\"imagemagick-6.q16\", pkgver:\"8:6.9.10.23+dfsg-2.1ubuntu3.1\")) flag++;\nif (ubuntu_check(osver:\"19.10\", pkgname:\"libmagick++-6.q16-8\", pkgver:\"8:6.9.10.23+dfsg-2.1ubuntu3.1\")) flag++;\nif (ubuntu_check(osver:\"19.10\", pkgname:\"libmagickcore-6.q16-6\", pkgver:\"8:6.9.10.23+dfsg-2.1ubuntu3.1\")) flag++;\nif (ubuntu_check(osver:\"19.10\", pkgname:\"libmagickcore-6.q16-6-extra\", pkgver:\"8:6.9.10.23+dfsg-2.1ubuntu3.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"imagemagick / imagemagick-6.q16 / libmagick++-6.q16-5v5 / etc\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-02-10T09:07:42", "description": "According to the versions of the ImageMagick packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerabilities :\n\n - ImageMagick version 7.0.7-28 contains a memory leak in\n ReadYCBCRImage in coders/ycbcr.c.(CVE-2018-10805)\n\n - ImageMagick version 7.0.7-28 contains a memory leak in\n WriteTIFFImage in coders/tiff.c.(CVE-2018-10804)\n\n - In ImageMagick 7.0.7-28, there is an infinite loop in\n the ReadOneMNGImage function of the coders/png.c file.\n Remote attackers could leverage this vulnerability to\n cause a denial of service via a crafted mng\n file.(CVE-2018-10177)\n\n - In ImageMagick 7.0.7-29 and earlier, a missing NULL\n check in ReadOneJNGImage in coders/png.c allows an\n attacker to cause a denial of service (WriteBlob\n assertion failure and application exit) via a crafted\n file.(CVE-2018-16749)\n\n - In ImageMagick before 7.0.8-25, a memory leak exists in\n WritePSDChannel in coders/psd.c.(CVE-2019-7395)\n\n - In ImageMagick before 7.0.8-25, a memory leak exists in\n ReadSIXELImage in coders/sixel.c.(CVE-2019-7396)\n\n - A NULL pointer dereference in the function\n ReadPANGOImage in coders/pango.c and the function\n ReadVIDImage in coders/vid.c in ImageMagick 7.0.8-34\n allows remote attackers to cause a denial of service\n via a crafted image.(CVE-2019-12974)\n\n - ImageMagick 7.0.8-34 has a memory leak vulnerability in\n the WriteDPXImage function in\n coders/dpx.c.(CVE-2019-12975)\n\n - ImageMagick 7.0.8-34 has a memory leak in the\n ReadPCLImage function in coders/pcl.c.(CVE-2019-12976)\n\n - ImageMagick 7.0.8-34 has a 'use of uninitialized value'\n vulnerability in the WriteJP2Image function in\n coders/jp2.c.(CVE-2019-12977)\n\n - ImageMagick 7.0.8-34 has a 'use of uninitialized value'\n vulnerability in the ReadPANGOImage function in\n coders/pango.c.(CVE-2019-12978)\n\n - ImageMagick 7.0.8-34 has a 'use of uninitialized value'\n vulnerability in the SyncImageSettings function in\n MagickCore/image.c. This is related to AcquireImage in\n magick/image.c.(CVE-2019-12979)\n\n - ImageMagick before 7.0.8-50 has a memory leak\n vulnerability in the function ReadPSImage in\n coders/ps.c.(CVE-2019-13137)\n\n - ImageMagick 7.0.8-50 Q16 has a heap-based buffer\n over-read at MagickCore/threshold.c in\n AdaptiveThresholdImage because a width of zero is\n mishandled.(CVE-2019-13295)\n\n - ImageMagick 7.0.8-50 Q16 has a heap-based buffer\n over-read at MagickCore/threshold.c in\n AdaptiveThresholdImage because a height of zero is\n mishandled.(CVE-2019-13297)\n\n - ImageMagick 7.0.8-50 Q16 has a heap-based buffer\n overflow at MagickCore/statistic.c in EvaluateImages\n because of mishandling columns.(CVE-2019-13300)\n\n - ImageMagick 7.0.8-50 Q16 has a stack-based buffer\n overflow at coders/pnm.c in WritePNMImage because of a\n misplaced assignment.(CVE-2019-13304)\n\n - ImageMagick 7.0.8-50 Q16 has a stack-based buffer\n overflow at coders/pnm.c in WritePNMImage because of a\n misplaced strncpy and an off-by-one\n error.(CVE-2019-13305)\n\n - ImageMagick 7.0.8-50 Q16 has a stack-based buffer\n overflow at coders/pnm.c in WritePNMImage because of\n off-by-one errors.(CVE-2019-13306)\n\n - ImageMagick 7.0.8-50 Q16 has a heap-based buffer\n overflow at MagickCore/statistic.c in EvaluateImages\n because of mishandling rows.(CVE-2019-13307)\n\n - ImageMagick 7.0.8-50 Q16 has memory leaks in\n AcquireMagickMemory because of an AnnotateImage\n error.(CVE-2019-13301)\n\n - ImageMagick 7.0.8-50 Q16 has memory leaks at\n AcquireMagickMemory because of mishandling the\n NoSuchImage error in CLIListOperatorImages in\n MagickWand/operation.c.(CVE-2019-13309)\n\n - ImageMagick 7.0.8-50 Q16 has memory leaks at\n AcquireMagickMemory because of an error in\n MagickWand/mogrify.c.(CVE-2019-13310)\n\n - ImageMagick 7.0.8-50 Q16 has memory leaks at\n AcquireMagickMemory because of a wand/mogrify.c\n error.(CVE-2019-13311)\n\n - In ImageMagick 7.0.8-50 Q16, ComplexImages in\n MagickCore/fourier.c has a heap-based buffer over-read\n because of incorrect calls to\n GetCacheViewVirtualPixels.(CVE-2019-13391)\n\n - ImageMagick 7.0.8-50 Q16 has a heap-based buffer\n overflow in MagickCore/fourier.c in\n ComplexImage.(CVE-2019-13308)\n\n - ImageMagick 7.0.8-54 Q16 allows Division by Zero in\n RemoveDuplicateLayers in\n MagickCore/layer.c.(CVE-2019-13454)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 6, "cvss3": {"score": 8.8, "vector": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2020-09-28T00:00:00", "title": "EulerOS 2.0 SP3 : ImageMagick (EulerOS-SA-2020-2090)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-13300", "CVE-2019-13297", "CVE-2018-16749", "CVE-2019-13311", "CVE-2019-13309", "CVE-2019-13137", "CVE-2019-13301", "CVE-2019-12976", "CVE-2019-13306", "CVE-2019-13307", "CVE-2018-10177", "CVE-2019-13304", "CVE-2019-12978", "CVE-2018-10804", "CVE-2019-7395", "CVE-2019-7396", "CVE-2019-13310", "CVE-2019-13308", "CVE-2018-10805", "CVE-2019-13454", "CVE-2019-12974", "CVE-2019-12977", "CVE-2019-13295", "CVE-2019-12979", "CVE-2019-13305", "CVE-2019-12975", "CVE-2019-13391"], "modified": "2020-09-28T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:ImageMagick-perl", "p-cpe:/a:huawei:euleros:ImageMagick-c++", "p-cpe:/a:huawei:euleros:ImageMagick", "p-cpe:/a:huawei:euleros:ImageMagick-libs", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2020-2090.NASL", "href": "https://www.tenable.com/plugins/nessus/140857", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(140857);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/02/09\");\n\n script_cve_id(\n \"CVE-2018-10177\",\n \"CVE-2018-10804\",\n \"CVE-2018-10805\",\n \"CVE-2018-16749\",\n \"CVE-2019-12974\",\n \"CVE-2019-12975\",\n \"CVE-2019-12976\",\n \"CVE-2019-12977\",\n \"CVE-2019-12978\",\n \"CVE-2019-12979\",\n \"CVE-2019-13137\",\n \"CVE-2019-13295\",\n \"CVE-2019-13297\",\n \"CVE-2019-13300\",\n \"CVE-2019-13301\",\n \"CVE-2019-13304\",\n \"CVE-2019-13305\",\n \"CVE-2019-13306\",\n \"CVE-2019-13307\",\n \"CVE-2019-13308\",\n \"CVE-2019-13309\",\n \"CVE-2019-13310\",\n \"CVE-2019-13311\",\n \"CVE-2019-13391\",\n \"CVE-2019-13454\",\n \"CVE-2019-7395\",\n \"CVE-2019-7396\"\n );\n\n script_name(english:\"EulerOS 2.0 SP3 : ImageMagick (EulerOS-SA-2020-2090)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the ImageMagick packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerabilities :\n\n - ImageMagick version 7.0.7-28 contains a memory leak in\n ReadYCBCRImage in coders/ycbcr.c.(CVE-2018-10805)\n\n - ImageMagick version 7.0.7-28 contains a memory leak in\n WriteTIFFImage in coders/tiff.c.(CVE-2018-10804)\n\n - In ImageMagick 7.0.7-28, there is an infinite loop in\n the ReadOneMNGImage function of the coders/png.c file.\n Remote attackers could leverage this vulnerability to\n cause a denial of service via a crafted mng\n file.(CVE-2018-10177)\n\n - In ImageMagick 7.0.7-29 and earlier, a missing NULL\n check in ReadOneJNGImage in coders/png.c allows an\n attacker to cause a denial of service (WriteBlob\n assertion failure and application exit) via a crafted\n file.(CVE-2018-16749)\n\n - In ImageMagick before 7.0.8-25, a memory leak exists in\n WritePSDChannel in coders/psd.c.(CVE-2019-7395)\n\n - In ImageMagick before 7.0.8-25, a memory leak exists in\n ReadSIXELImage in coders/sixel.c.(CVE-2019-7396)\n\n - A NULL pointer dereference in the function\n ReadPANGOImage in coders/pango.c and the function\n ReadVIDImage in coders/vid.c in ImageMagick 7.0.8-34\n allows remote attackers to cause a denial of service\n via a crafted image.(CVE-2019-12974)\n\n - ImageMagick 7.0.8-34 has a memory leak vulnerability in\n the WriteDPXImage function in\n coders/dpx.c.(CVE-2019-12975)\n\n - ImageMagick 7.0.8-34 has a memory leak in the\n ReadPCLImage function in coders/pcl.c.(CVE-2019-12976)\n\n - ImageMagick 7.0.8-34 has a 'use of uninitialized value'\n vulnerability in the WriteJP2Image function in\n coders/jp2.c.(CVE-2019-12977)\n\n - ImageMagick 7.0.8-34 has a 'use of uninitialized value'\n vulnerability in the ReadPANGOImage function in\n coders/pango.c.(CVE-2019-12978)\n\n - ImageMagick 7.0.8-34 has a 'use of uninitialized value'\n vulnerability in the SyncImageSettings function in\n MagickCore/image.c. This is related to AcquireImage in\n magick/image.c.(CVE-2019-12979)\n\n - ImageMagick before 7.0.8-50 has a memory leak\n vulnerability in the function ReadPSImage in\n coders/ps.c.(CVE-2019-13137)\n\n - ImageMagick 7.0.8-50 Q16 has a heap-based buffer\n over-read at MagickCore/threshold.c in\n AdaptiveThresholdImage because a width of zero is\n mishandled.(CVE-2019-13295)\n\n - ImageMagick 7.0.8-50 Q16 has a heap-based buffer\n over-read at MagickCore/threshold.c in\n AdaptiveThresholdImage because a height of zero is\n mishandled.(CVE-2019-13297)\n\n - ImageMagick 7.0.8-50 Q16 has a heap-based buffer\n overflow at MagickCore/statistic.c in EvaluateImages\n because of mishandling columns.(CVE-2019-13300)\n\n - ImageMagick 7.0.8-50 Q16 has a stack-based buffer\n overflow at coders/pnm.c in WritePNMImage because of a\n misplaced assignment.(CVE-2019-13304)\n\n - ImageMagick 7.0.8-50 Q16 has a stack-based buffer\n overflow at coders/pnm.c in WritePNMImage because of a\n misplaced strncpy and an off-by-one\n error.(CVE-2019-13305)\n\n - ImageMagick 7.0.8-50 Q16 has a stack-based buffer\n overflow at coders/pnm.c in WritePNMImage because of\n off-by-one errors.(CVE-2019-13306)\n\n - ImageMagick 7.0.8-50 Q16 has a heap-based buffer\n overflow at MagickCore/statistic.c in EvaluateImages\n because of mishandling rows.(CVE-2019-13307)\n\n - ImageMagick 7.0.8-50 Q16 has memory leaks in\n AcquireMagickMemory because of an AnnotateImage\n error.(CVE-2019-13301)\n\n - ImageMagick 7.0.8-50 Q16 has memory leaks at\n AcquireMagickMemory because of mishandling the\n NoSuchImage error in CLIListOperatorImages in\n MagickWand/operation.c.(CVE-2019-13309)\n\n - ImageMagick 7.0.8-50 Q16 has memory leaks at\n AcquireMagickMemory because of an error in\n MagickWand/mogrify.c.(CVE-2019-13310)\n\n - ImageMagick 7.0.8-50 Q16 has memory leaks at\n AcquireMagickMemory because of a wand/mogrify.c\n error.(CVE-2019-13311)\n\n - In ImageMagick 7.0.8-50 Q16, ComplexImages in\n MagickCore/fourier.c has a heap-based buffer over-read\n because of incorrect calls to\n GetCacheViewVirtualPixels.(CVE-2019-13391)\n\n - ImageMagick 7.0.8-50 Q16 has a heap-based buffer\n overflow in MagickCore/fourier.c in\n ComplexImage.(CVE-2019-13308)\n\n - ImageMagick 7.0.8-54 Q16 allows Division by Zero in\n RemoveDuplicateLayers in\n MagickCore/layer.c.(CVE-2019-13454)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-2090\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?829e6201\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected ImageMagick packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-13391\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/09/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/09/28\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ImageMagick\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ImageMagick-c++\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ImageMagick-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ImageMagick-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(3)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP3\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP3\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"ImageMagick-6.9.9.38-1.h7\",\n \"ImageMagick-c++-6.9.9.38-1.h7\",\n \"ImageMagick-libs-6.9.9.38-1.h7\",\n \"ImageMagick-perl-6.9.9.38-1.h7\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"3\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ImageMagick\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-08-05T12:58:47", "description": "This update for ImageMagick fixes the following issues :\n\nCVE-2019-13301: Fixed a memory leak in AcquireMagickMemory()\n(bsc#1140554).\n\nCVE-2019-13310: Fixed a memory leak at AcquireMagickMemory because of\nan error in MagickWand/mogrify.c (bsc#1140501).\n\nCVE-2019-13311: Fixed a memory leak at AcquireMagickMemory because of\na wand/mogrify.c error (bsc#1140513).\n\nCVE-2019-13454: Fixed a division by zero in RemoveDuplicateLayers in\nMagickCore/layer.c (bsc#1141171).\n\nCVE-2019-13295: Fixed a heap-based buffer over-read at\nMagickCore/threshold.c in AdaptiveThresholdImage (bsc#1140664).\n\nCVE-2019-13297: Fixed a heap-based buffer over-read at\nMagickCore/threshold.c in AdaptiveThresholdImage (bsc#1140666).\n\nCVE-2019-12979: Fixed the use of uninitialized values in\nSyncImageSettings() (bsc#1139886).\n\nCVE-2019-13391: Fixed a heap-based buffer over-read in\nMagickCore/fourier.c (bsc#1140673).\n\nCVE-2019-13308: Fixed a heap-based buffer overflow in\nMagickCore/fourier.c (bsc#1140534).\n\nCVE-2019-13300: Fixed a heap-based buffer overflow at\nMagickCore/statistic.c in EvaluateImages (bsc#1140669).\n\nCVE-2019-13307: Fixed a heap-based buffer overflow at\nMagickCore/statistic.c (bsc#1140538).\n\nCVE-2019-12975: Fixed a memory leak in the WriteDPXImage() in\ncoders/dpx.c (bsc#1140106).\n\nCVE-2019-13135: Fixed the use of uninitialized values in\nReadCUTImage() (bsc#1140103).\n\nCVE-2019-12978: Fixed the use of uninitialized values in\nReadPANGOImage() (bsc#1139885).\n\nCVE-2019-12974: Fixed a NULL pointer dereference in the\nReadPANGOImage() (bsc#1140111).\n\nCVE-2019-13133: Fixed a memory leak in the ReadBMPImage()\n(bsc#1140100).\n\nCVE-2019-13134: Fixed a memory leak in the ReadVIFFImage()\n(bsc#1140102).\n\nCVE-2019-12976: Fixed a memory leak in the ReadPCLImage() in\ncoders/pcl.c(bsc#1140110).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 15, "cvss3": {"score": 8.8, "vector": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2019-08-12T00:00:00", "title": "SUSE SLED12 / SLES12 Security Update : ImageMagick (SUSE-SU-2019:2010-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-13300", "CVE-2019-13135", "CVE-2019-13297", "CVE-2019-13134", "CVE-2019-13311", "CVE-2019-13301", "CVE-2019-12976", "CVE-2019-13307", "CVE-2019-12978", "CVE-2019-13310", "CVE-2019-13308", "CVE-2019-13454", "CVE-2019-12974", "CVE-2019-13295", "CVE-2019-12979", "CVE-2019-12975", "CVE-2019-13391", "CVE-2019-13133"], "modified": "2019-08-12T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:ImageMagick-config-6-SUSE", "p-cpe:/a:novell:suse_linux:ImageMagick-debugsource", "cpe:/o:novell:suse_linux:12", "p-cpe:/a:novell:suse_linux:ImageMagick", "p-cpe:/a:novell:suse_linux:libMagick++-6_Q16", "p-cpe:/a:novell:suse_linux:libMagickCore-6_Q16", "p-cpe:/a:novell:suse_linux:ImageMagick-debuginfo", "p-cpe:/a:novell:suse_linux:ImageMagick-config-6-upstream", "p-cpe:/a:novell:suse_linux:libMagickWand-6_Q16-1-debuginfo", "p-cpe:/a:novell:suse_linux:libMagickCore-6_Q16-1", "p-cpe:/a:novell:suse_linux:libMagickWand-6_Q16", "p-cpe:/a:novell:suse_linux:libMagickCore-6_Q16-1-debuginfo", "p-cpe:/a:novell:suse_linux:libMagick++-6_Q16-3-debuginfo"], "id": "SUSE_SU-2019-2010-1.NASL", "href": "https://www.tenable.com/plugins/nessus/127750", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2019:2010-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(127750);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/08/03\");\n\n script_cve_id(\"CVE-2019-12974\", \"CVE-2019-12975\", \"CVE-2019-12976\", \"CVE-2019-12978\", \"CVE-2019-12979\", \"CVE-2019-13133\", \"CVE-2019-13134\", \"CVE-2019-13135\", \"CVE-2019-13295\", \"CVE-2019-13297\", \"CVE-2019-13300\", \"CVE-2019-13301\", \"CVE-2019-13307\", \"CVE-2019-13308\", \"CVE-2019-13310\", \"CVE-2019-13311\", \"CVE-2019-13391\", \"CVE-2019-13454\");\n script_xref(name:\"IAVB\", value:\"2019-B-0062-S\");\n\n script_name(english:\"SUSE SLED12 / SLES12 Security Update : ImageMagick (SUSE-SU-2019:2010-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for ImageMagick fixes the following issues :\n\nCVE-2019-13301: Fixed a memory leak in AcquireMagickMemory()\n(bsc#1140554).\n\nCVE-2019-13310: Fixed a memory leak at AcquireMagickMemory because of\nan error in MagickWand/mogrify.c (bsc#1140501).\n\nCVE-2019-13311: Fixed a memory leak at AcquireMagickMemory because of\na wand/mogrify.c error (bsc#1140513).\n\nCVE-2019-13454: Fixed a division by zero in RemoveDuplicateLayers in\nMagickCore/layer.c (bsc#1141171).\n\nCVE-2019-13295: Fixed a heap-based buffer over-read at\nMagickCore/threshold.c in AdaptiveThresholdImage (bsc#1140664).\n\nCVE-2019-13297: Fixed a heap-based buffer over-read at\nMagickCore/threshold.c in AdaptiveThresholdImage (bsc#1140666).\n\nCVE-2019-12979: Fixed the use of uninitialized values in\nSyncImageSettings() (bsc#1139886).\n\nCVE-2019-13391: Fixed a heap-based buffer over-read in\nMagickCore/fourier.c (bsc#1140673).\n\nCVE-2019-13308: Fixed a heap-based buffer overflow in\nMagickCore/fourier.c (bsc#1140534).\n\nCVE-2019-13300: Fixed a heap-based buffer overflow at\nMagickCore/statistic.c in EvaluateImages (bsc#1140669).\n\nCVE-2019-13307: Fixed a heap-based buffer overflow at\nMagickCore/statistic.c (bsc#1140538).\n\nCVE-2019-12975: Fixed a memory leak in the WriteDPXImage() in\ncoders/dpx.c (bsc#1140106).\n\nCVE-2019-13135: Fixed the use of uninitialized values in\nReadCUTImage() (bsc#1140103).\n\nCVE-2019-12978: Fixed the use of uninitialized values in\nReadPANGOImage() (bsc#1139885).\n\nCVE-2019-12974: Fixed a NULL pointer dereference in the\nReadPANGOImage() (bsc#1140111).\n\nCVE-2019-13133: Fixed a memory leak in the ReadBMPImage()\n(bsc#1140100).\n\nCVE-2019-13134: Fixed a memory leak in the ReadVIFFImage()\n(bsc#1140102).\n\nCVE-2019-12976: Fixed a memory leak in the ReadPCLImage() in\ncoders/pcl.c(bsc#1140110).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1139885\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1139886\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1140100\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1140102\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1140103\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1140106\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1140110\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1140111\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1140501\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1140513\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1140534\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1140538\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1140554\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1140664\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1140666\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1140669\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1140673\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1141171\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-12974/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-12975/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-12976/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-12978/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-12979/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-13133/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-13134/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-13135/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-13295/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-13297/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-13300/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-13301/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-13307/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-13308/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-13310/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-13311/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-13391/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-13454/\"\n );\n # https://www.suse.com/support/update/announcement/2019/suse-su-20192010-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?9cb8fdd2\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Workstation Extension 12-SP4:zypper in -t patch\nSUSE-SLE-WE-12-SP4-2019-2010=1\n\nSUSE Linux Enterprise Software Development Kit 12-SP4:zypper in -t\npatch SUSE-SLE-SDK-12-SP4-2019-2010=1\n\nSUSE Linux Enterprise Server 12-SP4:zypper in -t patch\nSUSE-SLE-SERVER-12-SP4-2019-2010=1\n\nSUSE Linux Enterprise Desktop 12-SP4:zypper in -t patch\nSUSE-SLE-DESKTOP-12-SP4-2019-2010=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ImageMagick\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ImageMagick-config-6-SUSE\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ImageMagick-config-6-upstream\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ImageMagick-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ImageMagick-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libMagick++-6_Q16\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libMagick++-6_Q16-3-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libMagickCore-6_Q16\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libMagickCore-6_Q16-1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libMagickCore-6_Q16-1-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libMagickWand-6_Q16\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libMagickWand-6_Q16-1-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/06/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/07/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED12|SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED12 / SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP4\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED12\" && (! preg(pattern:\"^(4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED12 SP4\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"ImageMagick-config-6-SUSE-6.8.8.1-71.126.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"ImageMagick-config-6-upstream-6.8.8.1-71.126.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"ImageMagick-debuginfo-6.8.8.1-71.126.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"ImageMagick-debugsource-6.8.8.1-71.126.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libMagickCore-6_Q16-1-6.8.8.1-71.126.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libMagickCore-6_Q16-1-debuginfo-6.8.8.1-71.126.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libMagickWand-6_Q16-1-6.8.8.1-71.126.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libMagickWand-6_Q16-1-debuginfo-6.8.8.1-71.126.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"ImageMagick-6.8.8.1-71.126.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"ImageMagick-config-6-SUSE-6.8.8.1-71.126.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"ImageMagick-config-6-upstream-6.8.8.1-71.126.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"ImageMagick-debuginfo-6.8.8.1-71.126.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"ImageMagick-debugsource-6.8.8.1-71.126.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libMagick++-6_Q16-3-6.8.8.1-71.126.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libMagick++-6_Q16-3-debuginfo-6.8.8.1-71.126.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libMagickCore-6_Q16-1-32bit-6.8.8.1-71.126.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libMagickCore-6_Q16-1-6.8.8.1-71.126.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libMagickCore-6_Q16-1-debuginfo-32bit-6.8.8.1-71.126.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libMagickCore-6_Q16-1-debuginfo-6.8.8.1-71.126.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libMagickWand-6_Q16-1-6.8.8.1-71.126.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libMagickWand-6_Q16-1-debuginfo-6.8.8.1-71.126.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ImageMagick\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-02-10T09:06:53", "description": "According to the versions of the ImageMagick packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerabilities :\n\n - In ImageMagick 7.0.7-29 and earlier, a missing NULL\n check in ReadOneJNGImage in coders/png.c allows an\n attacker to cause a denial of service (WriteBlob\n assertion failure and application exit) via a crafted\n file.(CVE-2018-16749)\n\n - A NULL pointer dereference in the function\n ReadPANGOImage in coders/pango.c and the function\n ReadVIDImage in coders/vid.c in ImageMagick 7.0.8-34\n allows remote attackers to cause a denial of service\n via a crafted image.(CVE-2019-12974)\n\n - ImageMagick 7.0.8-34 has a memory leak in the\n ReadPCLImage function in coders/pcl.c.(CVE-2019-12976)\n\n - ImageMagick 7.0.8-50 Q16 has memory leaks at\n AcquireMagickMemory because of mishandling the\n NoSuchImage error in CLIListOperatorImages in\n MagickWand/operation.c.(CVE-2019-13309)\n\n - ImageMagick 7.0.8-50 Q16 has memory leaks at\n AcquireMagickMemory because of an error in\n MagickWand/mogrify.c.(CVE-2019-13310)\n\n - ImageMagick 7.0.8-50 Q16 has memory leaks at\n AcquireMagickMemory because of a wand/mogrify.c\n error.(CVE-2019-13311)\n\n - In ImageMagick 7.0.7-28, there is an infinite loop in\n the ReadOneMNGImage function of the coders/png.c file.\n Remote attackers could leverage this vulnerability to\n cause a denial of service via a crafted mng\n file.(CVE-2018-10177)\n\n - ImageMagick version 7.0.7-28 contains a memory leak in\n WriteTIFFImage in coders/tiff.c.(CVE-2018-10804)\n\n - In ImageMagick before 7.0.8-25, a memory leak exists in\n WritePSDChannel in coders/psd.c.(CVE-2019-7395)\n\n - In ImageMagick before 7.0.8-25, a memory leak exists in\n ReadSIXELImage in coders/sixel.c.(CVE-2019-7396)\n\n - In ImageMagick before 7.0.8-25, a memory leak exists in\n WriteDIBImage in coders/dib.c.(CVE-2019-7398)\n\n - ImageMagick 7.0.8-34 has a 'use of uninitialized value'\n vulnerability in the WriteJP2Image function in\n coders/jp2.c.(CVE-2019-12977)\n\n - ImageMagick 7.0.8-34 has a 'use of uninitialized value'\n vulnerability in the ReadPANGOImage function in\n coders/pango.c.(CVE-2019-12978)\n\n - ImageMagick 7.0.8-34 has a 'use of uninitialized value'\n vulnerability in the SyncImageSettings function in\n MagickCore/image.c. This is related to AcquireImage in\n magick/image.c.(CVE-2019-12979)\n\n - ImageMagick 7.0.8-50 Q16 has a heap-based buffer\n over-read at MagickCore/threshold.c in\n AdaptiveThresholdImage because a width of zero is\n mishandled.(CVE-2019-13295)\n\n - ImageMagick 7.0.8-50 Q16 has a heap-based buffer\n over-read at MagickCore/threshold.c in\n AdaptiveThresholdImage because a height of zero is\n mishandled.(CVE-2019-13297)\n\n - ImageMagick 7.0.8-50 Q16 has a heap-based buffer\n overflow at MagickCore/statistic.c in EvaluateImages\n because of mishandling columns.(CVE-2019-13300)\n\n - ImageMagick 7.0.8-50 Q16 has a stack-based buffer\n overflow at coders/pnm.c in WritePNMImage because of a\n misplaced assignment.(CVE-2019-13304)\n\n - ImageMagick 7.0.8-50 Q16 has a stack-based buffer\n overflow at coders/pnm.c in WritePNMImage because of a\n misplaced strncpy and an off-by-one\n error.(CVE-2019-13305)\n\n - ImageMagick 7.0.8-50 Q16 has a stack-based buffer\n overflow at coders/pnm.c in WritePNMImage because of\n off-by-one errors.(CVE-2019-13306)\n\n - ImageMagick 7.0.8-50 Q16 has a heap-based buffer\n overflow at MagickCore/statistic.c in EvaluateImages\n because of mishandling rows.(CVE-2019-13307)\n\n - ImageMagick 7.0.8-50 Q16 has a heap-based buffer\n overflow in MagickCore/fourier.c in\n ComplexImage.(CVE-2019-13308)\n\n - In ImageMagick 7.0.8-50 Q16, ComplexImages in\n MagickCore/fourier.c has a heap-based buffer over-read\n because of incorrect calls to\n GetCacheViewVirtualPixels.(CVE-2019-13391)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 7, "cvss3": {"score": 8.8, "vector": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2020-07-30T00:00:00", "title": "EulerOS 2.0 SP8 : ImageMagick (EulerOS-SA-2020-1806)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-13300", "CVE-2019-13297", "CVE-2018-16749", "CVE-2019-13311", "CVE-2019-13309", "CVE-2019-12976", "CVE-2019-13306", "CVE-2019-13307", "CVE-2018-10177", "CVE-2019-13304", "CVE-2019-12978", "CVE-2018-10804", "CVE-2019-7395", "CVE-2019-7396", "CVE-2019-13310", "CVE-2019-7398", "CVE-2019-13308", "CVE-2019-12974", "CVE-2019-12977", "CVE-2019-13295", "CVE-2019-12979", "CVE-2019-13305", "CVE-2019-13391"], "modified": "2020-07-30T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:ImageMagick-perl", "p-cpe:/a:huawei:euleros:ImageMagick-c++", "p-cpe:/a:huawei:euleros:ImageMagick", "p-cpe:/a:huawei:euleros:ImageMagick-libs", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2020-1806.NASL", "href": "https://www.tenable.com/plugins/nessus/139136", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(139136);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/02/09\");\n\n script_cve_id(\n \"CVE-2018-10177\",\n \"CVE-2018-10804\",\n \"CVE-2018-16749\",\n \"CVE-2019-12974\",\n \"CVE-2019-12976\",\n \"CVE-2019-12977\",\n \"CVE-2019-12978\",\n \"CVE-2019-12979\",\n \"CVE-2019-13295\",\n \"CVE-2019-13297\",\n \"CVE-2019-13300\",\n \"CVE-2019-13304\",\n \"CVE-2019-13305\",\n \"CVE-2019-13306\",\n \"CVE-2019-13307\",\n \"CVE-2019-13308\",\n \"CVE-2019-13309\",\n \"CVE-2019-13310\",\n \"CVE-2019-13311\",\n \"CVE-2019-13391\",\n \"CVE-2019-7395\",\n \"CVE-2019-7396\",\n \"CVE-2019-7398\"\n );\n\n script_name(english:\"EulerOS 2.0 SP8 : ImageMagick (EulerOS-SA-2020-1806)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the ImageMagick packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerabilities :\n\n - In ImageMagick 7.0.7-29 and earlier, a missing NULL\n check in ReadOneJNGImage in coders/png.c allows an\n attacker to cause a denial of service (WriteBlob\n assertion failure and application exit) via a crafted\n file.(CVE-2018-16749)\n\n - A NULL pointer dereference in the function\n ReadPANGOImage in coders/pango.c and the function\n ReadVIDImage in coders/vid.c in ImageMagick 7.0.8-34\n allows remote attackers to cause a denial of service\n via a crafted image.(CVE-2019-12974)\n\n - ImageMagick 7.0.8-34 has a memory leak in the\n ReadPCLImage function in coders/pcl.c.(CVE-2019-12976)\n\n - ImageMagick 7.0.8-50 Q16 has memory leaks at\n AcquireMagickMemory because of mishandling the\n NoSuchImage error in CLIListOperatorImages in\n MagickWand/operation.c.(CVE-2019-13309)\n\n - ImageMagick 7.0.8-50 Q16 has memory leaks at\n AcquireMagickMemory because of an error in\n MagickWand/mogrify.c.(CVE-2019-13310)\n\n - ImageMagick 7.0.8-50 Q16 has memory leaks at\n AcquireMagickMemory because of a wand/mogrify.c\n error.(CVE-2019-13311)\n\n - In ImageMagick 7.0.7-28, there is an infinite loop in\n the ReadOneMNGImage function of the coders/png.c file.\n Remote attackers could leverage this vulnerability to\n cause a denial of service via a crafted mng\n file.(CVE-2018-10177)\n\n - ImageMagick version 7.0.7-28 contains a memory leak in\n WriteTIFFImage in coders/tiff.c.(CVE-2018-10804)\n\n - In ImageMagick before 7.0.8-25, a memory leak exists in\n WritePSDChannel in coders/psd.c.(CVE-2019-7395)\n\n - In ImageMagick before 7.0.8-25, a memory leak exists in\n ReadSIXELImage in coders/sixel.c.(CVE-2019-7396)\n\n - In ImageMagick before 7.0.8-25, a memory leak exists in\n WriteDIBImage in coders/dib.c.(CVE-2019-7398)\n\n - ImageMagick 7.0.8-34 has a 'use of uninitialized value'\n vulnerability in the WriteJP2Image function in\n coders/jp2.c.(CVE-2019-12977)\n\n - ImageMagick 7.0.8-34 has a 'use of uninitialized value'\n vulnerability in the ReadPANGOImage function in\n coders/pango.c.(CVE-2019-12978)\n\n - ImageMagick 7.0.8-34 has a 'use of uninitialized value'\n vulnerability in the SyncImageSettings function in\n MagickCore/image.c. This is related to AcquireImage in\n magick/image.c.(CVE-2019-12979)\n\n - ImageMagick 7.0.8-50 Q16 has a heap-based buffer\n over-read at MagickCore/threshold.c in\n AdaptiveThresholdImage because a width of zero is\n mishandled.(CVE-2019-13295)\n\n - ImageMagick 7.0.8-50 Q16 has a heap-based buffer\n over-read at MagickCore/threshold.c in\n AdaptiveThresholdImage because a height of zero is\n mishandled.(CVE-2019-13297)\n\n - ImageMagick 7.0.8-50 Q16 has a heap-based buffer\n overflow at MagickCore/statistic.c in EvaluateImages\n because of mishandling columns.(CVE-2019-13300)\n\n - ImageMagick 7.0.8-50 Q16 has a stack-based buffer\n overflow at coders/pnm.c in WritePNMImage because of a\n misplaced assignment.(CVE-2019-13304)\n\n - ImageMagick 7.0.8-50 Q16 has a stack-based buffer\n overflow at coders/pnm.c in WritePNMImage because of a\n misplaced strncpy and an off-by-one\n error.(CVE-2019-13305)\n\n - ImageMagick 7.0.8-50 Q16 has a stack-based buffer\n overflow at coders/pnm.c in WritePNMImage because of\n off-by-one errors.(CVE-2019-13306)\n\n - ImageMagick 7.0.8-50 Q16 has a heap-based buffer\n overflow at MagickCore/statistic.c in EvaluateImages\n because of mishandling rows.(CVE-2019-13307)\n\n - ImageMagick 7.0.8-50 Q16 has a heap-based buffer\n overflow in MagickCore/fourier.c in\n ComplexImage.(CVE-2019-13308)\n\n - In ImageMagick 7.0.8-50 Q16, ComplexImages in\n MagickCore/fourier.c has a heap-based buffer over-read\n because of incorrect calls to\n GetCacheViewVirtualPixels.(CVE-2019-13391)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1806\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?df34806a\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected ImageMagick packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/07/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/07/30\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ImageMagick\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ImageMagick-c++\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ImageMagick-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ImageMagick-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(8)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP8\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP8\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nflag = 0;\n\npkgs = [\"ImageMagick-6.9.9.38-3.h15.eulerosv2r8\",\n \"ImageMagick-c++-6.9.9.38-3.h15.eulerosv2r8\",\n \"ImageMagick-libs-6.9.9.38-3.h15.eulerosv2r8\",\n \"ImageMagick-perl-6.9.9.38-3.h15.eulerosv2r8\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"8\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ImageMagick\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-02-10T09:08:16", "description": "According to the versions of the ImageMagick packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerabilities :\n\n - ImageMagick before 7.0.8-50 has a memory leak\n vulnerability in the function ReadBMPImage in\n coders/bmp.c.(CVE-2019-13133)\n\n - ImageMagick before 7.0.8-50 has a memory leak\n vulnerability in the function ReadVIFFImage in\n coders/viff.c.(CVE-2019-13134)\n\n - ImageMagick version 7.0.7-28 contains a memory leak in\n WriteTIFFImage in coders/tiff.c.(CVE-2018-10804)\n\n - In ImageMagick 7.0.7-28, there is an infinite loop in\n the ReadOneMNGImage function of the coders/png.c file.\n Remote attackers could leverage this vulnerability to\n cause a denial of service via a crafted mng\n file.(CVE-2018-10177)\n\n - In ImageMagick 7.0.7-29 and earlier, a missing NULL\n check in ReadOneJNGImage in coders/png.c allows an\n attacker to cause a denial of service (WriteBlob\n assertion failure and application exit) via a crafted\n file.(CVE-2018-16749)\n\n - In ImageMagick before 7.0.8-25, a memory leak exists in\n WritePSDChannel in coders/psd.c.(CVE-2019-7395)\n\n - In ImageMagick before 7.0.8-25, a memory leak exists in\n ReadSIXELImage in coders/sixel.c.(CVE-2019-7396)\n\n - A NULL pointer dereference in the function\n ReadPANGOImage in coders/pango.c and the function\n ReadVIDImage in coders/vid.c in ImageMagick 7.0.8-34\n allows remote attackers to cause a denial of service\n via a crafted image.(CVE-2019-12974)\n\n - ImageMagick 7.0.8-34 has a memory leak vulnerability in\n the WriteDPXImage function in\n coders/dpx.c.(CVE-2019-12975)\n\n - ImageMagick 7.0.8-34 has a memory leak in the\n ReadPCLImage function in coders/pcl.c.(CVE-2019-12976)\n\n - ImageMagick 7.0.8-34 has a 'use of uninitialized value'\n vulnerability in the WriteJP2Image function in\n coders/jp2.c.(CVE-2019-12977)\n\n - ImageMagick 7.0.8-34 has a 'use of uninitialized value'\n vulnerability in the ReadPANGOImage function in\n coders/pango.c.(CVE-2019-12978)\n\n - ImageMagick 7.0.8-34 has a 'use of uninitialized value'\n vulnerability in the SyncImageSettings function in\n MagickCore/image.c. This is related to AcquireImage in\n magick/image.c.(CVE-2019-12979)\n\n - ImageMagick before 7.0.8-50 has a memory leak\n vulnerability in the function ReadPSImage in\n coders/ps.c.(CVE-2019-13137)\n\n - ImageMagick 7.0.8-50 Q16 has a heap-based buffer\n over-read at MagickCore/threshold.c in\n AdaptiveThresholdImage because a width of zero is\n mishandled.(CVE-2019-13295)\n\n - ImageMagick 7.0.8-50 Q16 has a heap-based buffer\n over-read at MagickCore/threshold.c in\n AdaptiveThresholdImage because a height of zero is\n mishandled.(CVE-2019-13297)\n\n - ImageMagick 7.0.8-50 Q16 has a heap-based buffer\n overflow at MagickCore/statistic.c in EvaluateImages\n because of mishandling columns.(CVE-2019-13300)\n\n - ImageMagick 7.0.8-50 Q16 has a stack-based buffer\n overflow at coders/pnm.c in WritePNMImage because of a\n misplaced assignment.(CVE-2019-13304)\n\n - ImageMagick 7.0.8-50 Q16 has a stack-based buffer\n overflow at coders/pnm.c in WritePNMImage because of a\n misplaced strncpy and an off-by-one\n error.(CVE-2019-13305)\n\n - ImageMagick 7.0.8-50 Q16 has a stack-based buffer\n overflow at coders/pnm.c in WritePNMImage because of\n off-by-one errors.(CVE-2019-13306)\n\n - ImageMagick 7.0.8-50 Q16 has a heap-based buffer\n overflow at MagickCore/statistic.c in EvaluateImages\n because of mishandling rows.(CVE-2019-13307)\n\n - ImageMagick 7.0.8-50 Q16 has memory leaks in\n AcquireMagickMemory because of an AnnotateImage\n error.(CVE-2019-13301)\n\n - ImageMagick 7.0.8-50 Q16 has memory leaks at\n AcquireMagickMemory because of mishandling the\n NoSuchImage error in CLIListOperatorImages in\n MagickWand/operation.c.(CVE-2019-13309)\n\n - ImageMagick 7.0.8-50 Q16 has memory leaks at\n AcquireMagickMemory because of an error in\n MagickWand/mogrify.c.(CVE-2019-13310)\n\n - ImageMagick 7.0.8-50 Q16 has memory leaks at\n AcquireMagickMemory because of a wand/mogrify.c\n error.(CVE-2019-13311)\n\n - In ImageMagick 7.0.8-50 Q16, ComplexImages in\n MagickCore/fourier.c has a heap-based buffer over-read\n because of incorrect calls to\n GetCacheViewVirtualPixels.(CVE-2019-13391)\n\n - ImageMagick 7.0.8-50 Q16 has a heap-based buffer\n overflow in MagickCore/fourier.c in\n ComplexImage.(CVE-2019-13308)\n\n - ImageMagick 7.0.8-54 Q16 allows Division by Zero in\n RemoveDuplicateLayers in\n MagickCore/layer.c.(CVE-2019-13454)\n\n - ImageMagick version 7.0.7-28 contains a memory leak in\n ReadYCBCRImage in coders/ycbcr.c.(CVE-2018-10805)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 6, "cvss3": {"score": 8.8, "vector": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2020-11-03T00:00:00", "title": "EulerOS 2.0 SP2 : ImageMagick (EulerOS-SA-2020-2349)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-13300", "CVE-2019-13297", "CVE-2019-13134", "CVE-2018-16749", "CVE-2019-13311", "CVE-2019-13309", "CVE-2019-13137", "CVE-2019-13301", "CVE-2019-12976", "CVE-2019-13306", "CVE-2019-13307", "CVE-2018-10177", "CVE-2019-13304", "CVE-2019-12978", "CVE-2018-10804", "CVE-2019-7395", "CVE-2019-7396", "CVE-2019-13310", "CVE-2019-13308", "CVE-2018-10805", "CVE-2019-13454", "CVE-2019-12974", "CVE-2019-12977", "CVE-2019-13295", "CVE-2019-12979", "CVE-2019-13305", "CVE-2019-12975", "CVE-2019-13391", "CVE-2019-13133"], "modified": "2020-11-03T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:ImageMagick-perl", "p-cpe:/a:huawei:euleros:ImageMagick-c++", "p-cpe:/a:huawei:euleros:ImageMagick", "p-cpe:/a:huawei:euleros:ImageMagick-libs", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2020-2349.NASL", "href": "https://www.tenable.com/plugins/nessus/142319", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(142319);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/02/09\");\n\n script_cve_id(\n \"CVE-2018-10177\",\n \"CVE-2018-10804\",\n \"CVE-2018-10805\",\n \"CVE-2018-16749\",\n \"CVE-2019-12974\",\n \"CVE-2019-12975\",\n \"CVE-2019-12976\",\n \"CVE-2019-12977\",\n \"CVE-2019-12978\",\n \"CVE-2019-12979\",\n \"CVE-2019-13133\",\n \"CVE-2019-13134\",\n \"CVE-2019-13137\",\n \"CVE-2019-13295\",\n \"CVE-2019-13297\",\n \"CVE-2019-13300\",\n \"CVE-2019-13301\",\n \"CVE-2019-13304\",\n \"CVE-2019-13305\",\n \"CVE-2019-13306\",\n \"CVE-2019-13307\",\n \"CVE-2019-13308\",\n \"CVE-2019-13309\",\n \"CVE-2019-13310\",\n \"CVE-2019-13311\",\n \"CVE-2019-13391\",\n \"CVE-2019-13454\",\n \"CVE-2019-7395\",\n \"CVE-2019-7396\"\n );\n\n script_name(english:\"EulerOS 2.0 SP2 : ImageMagick (EulerOS-SA-2020-2349)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the ImageMagick packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerabilities :\n\n - ImageMagick before 7.0.8-50 has a memory leak\n vulnerability in the function ReadBMPImage in\n coders/bmp.c.(CVE-2019-13133)\n\n - ImageMagick before 7.0.8-50 has a memory leak\n vulnerability in the function ReadVIFFImage in\n coders/viff.c.(CVE-2019-13134)\n\n - ImageMagick version 7.0.7-28 contains a memory leak in\n WriteTIFFImage in coders/tiff.c.(CVE-2018-10804)\n\n - In ImageMagick 7.0.7-28, there is an infinite loop in\n the ReadOneMNGImage function of the coders/png.c file.\n Remote attackers could leverage this vulnerability to\n cause a denial of service via a crafted mng\n file.(CVE-2018-10177)\n\n - In ImageMagick 7.0.7-29 and earlier, a missing NULL\n check in ReadOneJNGImage in coders/png.c allows an\n attacker to cause a denial of service (WriteBlob\n assertion failure and application exit) via a crafted\n file.(CVE-2018-16749)\n\n - In ImageMagick before 7.0.8-25, a memory leak exists in\n WritePSDChannel in coders/psd.c.(CVE-2019-7395)\n\n - In ImageMagick before 7.0.8-25, a memory leak exists in\n ReadSIXELImage in coders/sixel.c.(CVE-2019-7396)\n\n - A NULL pointer dereference in the function\n ReadPANGOImage in coders/pango.c and the function\n ReadVIDImage in coders/vid.c in ImageMagick 7.0.8-34\n allows remote attackers to cause a denial of service\n via a crafted image.(CVE-2019-12974)\n\n - ImageMagick 7.0.8-34 has a memory leak vulnerability in\n the WriteDPXImage function in\n coders/dpx.c.(CVE-2019-12975)\n\n - ImageMagick 7.0.8-34 has a memory leak in the\n ReadPCLImage function in coders/pcl.c.(CVE-2019-12976)\n\n - ImageMagick 7.0.8-34 has a 'use of uninitialized value'\n vulnerability in the WriteJP2Image function in\n coders/jp2.c.(CVE-2019-12977)\n\n - ImageMagick 7.0.8-34 has a 'use of uninitialized value'\n vulnerability in the ReadPANGOImage function in\n coders/pango.c.(CVE-2019-12978)\n\n - ImageMagick 7.0.8-34 has a 'use of uninitialized value'\n vulnerability in the SyncImageSettings function in\n MagickCore/image.c. This is related to AcquireImage in\n magick/image.c.(CVE-2019-12979)\n\n - ImageMagick before 7.0.8-50 has a memory leak\n vulnerability in the function ReadPSImage in\n coders/ps.c.(CVE-2019-13137)\n\n - ImageMagick 7.0.8-50 Q16 has a heap-based buffer\n over-read at MagickCore/threshold.c in\n AdaptiveThresholdImage because a width of zero is\n mishandled.(CVE-2019-13295)\n\n - ImageMagick 7.0.8-50 Q16 has a heap-based buffer\n over-read at MagickCore/threshold.c in\n AdaptiveThresholdImage because a height of zero is\n mishandled.(CVE-2019-13297)\n\n - ImageMagick 7.0.8-50 Q16 has a heap-based buffer\n overflow at MagickCore/statistic.c in EvaluateImages\n because of mishandling columns.(CVE-2019-13300)\n\n - ImageMagick 7.0.8-50 Q16 has a stack-based buffer\n overflow at coders/pnm.c in WritePNMImage because of a\n misplaced assignment.(CVE-2019-13304)\n\n - ImageMagick 7.0.8-50 Q16 has a stack-based buffer\n overflow at coders/pnm.c in WritePNMImage because of a\n misplaced strncpy and an off-by-one\n error.(CVE-2019-13305)\n\n - ImageMagick 7.0.8-50 Q16 has a stack-based buffer\n overflow at coders/pnm.c in WritePNMImage because of\n off-by-one errors.(CVE-2019-13306)\n\n - ImageMagick 7.0.8-50 Q16 has a heap-based buffer\n overflow at MagickCore/statistic.c in EvaluateImages\n because of mishandling rows.(CVE-2019-13307)\n\n - ImageMagick 7.0.8-50 Q16 has memory leaks in\n AcquireMagickMemory because of an AnnotateImage\n error.(CVE-2019-13301)\n\n - ImageMagick 7.0.8-50 Q16 has memory leaks at\n AcquireMagickMemory because of mishandling the\n NoSuchImage error in CLIListOperatorImages in\n MagickWand/operation.c.(CVE-2019-13309)\n\n - ImageMagick 7.0.8-50 Q16 has memory leaks at\n AcquireMagickMemory because of an error in\n MagickWand/mogrify.c.(CVE-2019-13310)\n\n - ImageMagick 7.0.8-50 Q16 has memory leaks at\n AcquireMagickMemory because of a wand/mogrify.c\n error.(CVE-2019-13311)\n\n - In ImageMagick 7.0.8-50 Q16, ComplexImages in\n MagickCore/fourier.c has a heap-based buffer over-read\n because of incorrect calls to\n GetCacheViewVirtualPixels.(CVE-2019-13391)\n\n - ImageMagick 7.0.8-50 Q16 has a heap-based buffer\n overflow in MagickCore/fourier.c in\n ComplexImage.(CVE-2019-13308)\n\n - ImageMagick 7.0.8-54 Q16 allows Division by Zero in\n RemoveDuplicateLayers in\n MagickCore/layer.c.(CVE-2019-13454)\n\n - ImageMagick version 7.0.7-28 contains a memory leak in\n ReadYCBCRImage in coders/ycbcr.c.(CVE-2018-10805)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-2349\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?e6eb6af2\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected ImageMagick packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-13391\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/11/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/11/03\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ImageMagick\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ImageMagick-c++\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ImageMagick-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ImageMagick-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(2)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP2\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP2\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"ImageMagick-6.9.9.38-1.h8\",\n \"ImageMagick-c++-6.9.9.38-1.h8\",\n \"ImageMagick-libs-6.9.9.38-1.h8\",\n \"ImageMagick-perl-6.9.9.38-1.h8\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"2\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ImageMagick\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-02-10T09:00:08", "description": "According to the versions of the ImageMagick packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerabilities :\n\n - ImageMagick before 7.0.8-50 has a 'use of uninitialized\n value' vulnerability in the function ReadCUTImage in\n coders/cut.c.(CVE-2019-13135)\n\n - ImageMagick 7.0.8-50 Q16 has a heap-based buffer\n over-read at MagickCore/threshold.c in\n AdaptiveThresholdImage because a width of zero is\n mishandled.(CVE-2019-13295)\n\n - ImageMagick 7.0.8-50 Q16 has a heap-based buffer\n over-read at MagickCore/threshold.c in\n AdaptiveThresholdImage because a height of zero is\n mishandled.(CVE-2019-13297)\n\n - ImageMagick 7.0.8-50 Q16 has a heap-based buffer\n overflow at MagickCore/statistic.c in EvaluateImages\n because of mishandling columns.(CVE-2019-13300)\n\n - ImageMagick 7.0.8-50 Q16 has a stack-based buffer\n overflow at coders/pnm.c in WritePNMImage because of a\n misplaced assignment.(CVE-2019-13304)\n\n - ImageMagick 7.0.8-34 has a 'use of uninitialized value'\n vulnerability in the ReadPANGOImage function in\n coders/pango.c.(CVE-2019-12978)\n\n - ImageMagick 7.0.8-34 has a 'use of uninitialized value'\n vulnerability in the SyncImageSettings function in\n MagickCore/image.c. This is related to AcquireImage in\n magick/image.c.(CVE-2019-12979)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 22, "cvss3": {"score": 8.8, "vector": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2019-09-16T00:00:00", "title": "EulerOS 2.0 SP5 : ImageMagick (EulerOS-SA-2019-1889)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-13300", "CVE-2019-13135", "CVE-2019-13297", "CVE-2019-13304", "CVE-2019-12978", "CVE-2019-13295", "CVE-2019-12979"], "modified": "2019-09-16T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:ImageMagick-perl", "p-cpe:/a:huawei:euleros:ImageMagick-c++", "p-cpe:/a:huawei:euleros:ImageMagick", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2019-1889.NASL", "href": "https://www.tenable.com/plugins/nessus/128812", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(128812);\n script_version(\"1.19\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/02/09\");\n\n script_cve_id(\n \"CVE-2019-12978\",\n \"CVE-2019-12979\",\n \"CVE-2019-13135\",\n \"CVE-2019-13295\",\n \"CVE-2019-13297\",\n \"CVE-2019-13300\",\n \"CVE-2019-13304\"\n );\n script_xref(name:\"IAVB\", value:\"2019-B-0062-S\");\n\n script_name(english:\"EulerOS 2.0 SP5 : ImageMagick (EulerOS-SA-2019-1889)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the ImageMagick packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerabilities :\n\n - ImageMagick before 7.0.8-50 has a 'use of uninitialized\n value' vulnerability in the function ReadCUTImage in\n coders/cut.c.(CVE-2019-13135)\n\n - ImageMagick 7.0.8-50 Q16 has a heap-based buffer\n over-read at MagickCore/threshold.c in\n AdaptiveThresholdImage because a width of zero is\n mishandled.(CVE-2019-13295)\n\n - ImageMagick 7.0.8-50 Q16 has a heap-based buffer\n over-read at MagickCore/threshold.c in\n AdaptiveThresholdImage because a height of zero is\n mishandled.(CVE-2019-13297)\n\n - ImageMagick 7.0.8-50 Q16 has a heap-based buffer\n overflow at MagickCore/statistic.c in EvaluateImages\n because of mishandling columns.(CVE-2019-13300)\n\n - ImageMagick 7.0.8-50 Q16 has a stack-based buffer\n overflow at coders/pnm.c in WritePNMImage because of a\n misplaced assignment.(CVE-2019-13304)\n\n - ImageMagick 7.0.8-34 has a 'use of uninitialized value'\n vulnerability in the ReadPANGOImage function in\n coders/pango.c.(CVE-2019-12978)\n\n - ImageMagick 7.0.8-34 has a 'use of uninitialized value'\n vulnerability in the SyncImageSettings function in\n MagickCore/image.c. This is related to AcquireImage in\n magick/image.c.(CVE-2019-12979)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1889\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?b80af593\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected ImageMagick packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/09/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/09/16\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ImageMagick\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ImageMagick-c++\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ImageMagick-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(5)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"ImageMagick-6.7.8.9-15.h26.eulerosv2r7\",\n \"ImageMagick-c++-6.7.8.9-15.h26.eulerosv2r7\",\n \"ImageMagick-perl-6.7.8.9-15.h26.eulerosv2r7\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"5\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ImageMagick\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-03-01T03:32:25", "description": "The version of ImageMagick installed on the remote Windows host is prior to 7.0.8-35. It is, therefore, affected by\nmultiple vulnerabilities:\n\n - A 'use of uninitialized value' vulnerability in the WriteJP2Image function in coders/jp2.c. (CVE-2019-12977)\n\n - A 'use of uninitialized value' vulnerability in the ReadPANGOImage function in coders/pango.c. (CVE-2019-12978)\n\n - A 'use of uninitialized value' vulnerability in the SyncImageSettings function in MagickCore/image.c. This is\n related to AcquireImage in magick/image.c. (CVE-2019-12979)\n\nNote that the application may also be affected by additional\nvulnerabilities. Refer to the vendor for additional information.", "edition": 19, "cvss3": {"score": 7.8, "vector": "AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2019-07-12T00:00:00", "title": "ImageMagick < 7.0.8-35 Multiple vulnerabilities", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-12976", "CVE-2019-12978", "CVE-2019-12974", "CVE-2019-12977", "CVE-2019-12979", "CVE-2019-12975"], "modified": "2021-03-02T00:00:00", "cpe": ["cpe:/a:imagemagick:imagemagick"], "id": "IMAGEMAGICK_7_0_8-35.NASL", "href": "https://www.tenable.com/plugins/nessus/126638", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(126638);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2019/10/18 23:14:15\");\n\n script_cve_id(\n \"CVE-2019-12974\",\n \"CVE-2019-12975\",\n \"CVE-2019-12976\",\n \"CVE-2019-12977\",\n \"CVE-2019-12978\",\n \"CVE-2019-12979\"\n );\n script_bugtraq_id(108913);\n\n script_name(english:\"ImageMagick < 7.0.8-35 Multiple vulnerabilities\");\n script_summary(english:\"Checks the version of ImageMagick.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"An application installed on the remote Windows host is affected by multiple vulnerability\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of ImageMagick installed on the remote Windows host is prior to 7.0.8-35. It is, therefore, affected by\nmultiple vulnerabilities:\n\n - A 'use of uninitialized value' vulnerability in the WriteJP2Image function in coders/jp2.c. (CVE-2019-12977)\n\n - A 'use of uninitialized value' vulnerability in the ReadPANGOImage function in coders/pango.c. (CVE-2019-12978)\n\n - A 'use of uninitialized value' vulnerability in the SyncImageSettings function in MagickCore/image.c. This is\n related to AcquireImage in magick/image.c. (CVE-2019-12979)\n\nNote that the application may also be affected by additional\nvulnerabilities. Refer to the vendor for additional information.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://github.com/ImageMagick/ImageMagick/issues/1515\");\n script_set_attribute(attribute:\"see_also\", value:\"https://github.com/ImageMagick/ImageMagick/issues/1517\");\n script_set_attribute(attribute:\"see_also\", value:\"https://github.com/ImageMagick/ImageMagick/issues/1520\");\n script_set_attribute(attribute:\"see_also\", value:\"https://github.com/ImageMagick/ImageMagick/issues/1518\");\n script_set_attribute(attribute:\"see_also\", value:\"https://github.com/ImageMagick/ImageMagick/issues/1519\");\n script_set_attribute(attribute:\"see_also\", value:\"https://github.com/ImageMagick/ImageMagick/issues/1522\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to ImageMagick version 7.0.8-35 or later. Note that you may\nalso need to manually uninstall the vulnerable version from the system.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-12977\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/03/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/03/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/07/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:imagemagick:imagemagick\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"imagemagick_installed.nasl\");\n script_require_keys(\"installed_sw/ImageMagick\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\ninclude('vcf_extras.inc');\n\nvcf::imagemagick::initialize();\napp_info = vcf::imagemagick::get_app_info();\n\nconstraints = [{'fixed_version' : '7.0.8-35'}];\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-14T06:20:12", "description": "This update for ImageMagick fixes the following issues :\n\nCVE-2019-13301: Fixed a memory leak in AcquireMagickMemory()\n(bsc#1140554).\n\nCVE-2019-13309: Fixed a memory leak at AcquireMagickMemory due to\nmishandling the NoSuchImage error in CLIListOperatorImages\n(bsc#1140520).\n\nCVE-2019-13310: Fixed a memory leak at AcquireMagickMemory because of\nan error in MagickWand/mogrify.c (bsc#1140501).\n\nCVE-2019-13311: Fixed a memory leak at AcquireMagickMemory because of\na wand/mogrify.c error (bsc#1140513).\n\nCVE-2019-13303: Fixed a heap-based buffer over-read in\nMagickCore/composite.c in CompositeImage (bsc#1140549).\n\nCVE-2019-13296: Fixed a memory leak in AcquireMagickMemory because of\nan error in CLIListOperatorImages in MagickWand/operation.c\n(bsc#1140665).\n\nCVE-2019-13299: Fixed a heap-based buffer over-read at\nMagickCore/pixel-accessor.h in GetPixelChannel (bsc#1140668).\n\nCVE-2019-13454: Fixed a division by zero in RemoveDuplicateLayers in\nMagickCore/layer.c (bsc#1141171).\n\nCVE-2019-13295: Fixed a heap-based buffer over-read at\nMagickCore/threshold.c in AdaptiveThresholdImage (bsc#1140664).\n\nCVE-2019-13297: Fixed a heap-based buffer over-read at\nMagickCore/threshold.c in AdaptiveThresholdImage (bsc#1140666).\n\nCVE-2019-12979: Fixed the use of uninitialized values in\nSyncImageSettings() (bsc#1139886).\n\nCVE-2019-13391: Fixed a heap-based buffer over-read in\nMagickCore/fourier.c (bsc#1140673).\n\nCVE-2019-13308: Fixed a heap-based buffer overflow in\nMagickCore/fourier.c (bsc#1140534).\n\nCVE-2019-13302: Fixed a heap-based buffer over-read in\nMagickCore/fourier.c in ComplexImages (bsc#1140552).\n\nCVE-2019-13298: Fixed a heap-based buffer overflow at\nMagickCore/pixel-accessor.h in SetPixelViaPixelInfo (bsc#1140667).\n\nCVE-2019-13300: Fixed a heap-based buffer overflow at\nMagickCore/statistic.c in EvaluateImages (bsc#1140669).\n\nCVE-2019-13307: Fixed a heap-based buffer overflow at\nMagickCore/statistic.c (bsc#1140538).\n\nCVE-2019-12977: Fixed the use of uninitialized values in\nWriteJP2Imag() (bsc#1139884).\n\nCVE-2019-12975: Fixed a memory leak in the WriteDPXImage() in\ncoders/dpx.c (bsc#1140106).\n\nCVE-2019-13135: Fixed the use of uninitialized values in\nReadCUTImage() (bsc#1140103).\n\nCVE-2019-12978: Fixed the use of uninitialized values in\nReadPANGOImage() (bsc#1139885).\n\nCVE-2019-12974: Fixed a NULL pointer dereference in the\nReadPANGOImage() (bsc#1140111).\n\nCVE-2019-13304: Fixed a stack-based buffer overflow at coders/pnm.c in\nWritePNMImage (bsc#1140547).\n\nCVE-2019-13305: Fixed one more stack-based buffer overflow at\ncoders/pnm.c in WritePNMImage (bsc#1140545).\n\nCVE-2019-13306: Fixed an additional stack-based buffer overflow at\ncoders/pnm.c in WritePNMImage (bsc#1140543).\n\nCVE-2019-13133: Fixed a memory leak in the ReadBMPImage()\n(bsc#1140100).\n\nCVE-2019-13134: Fixed a memory leak in the ReadVIFFImage()\n(bsc#1140102).\n\nCVE-2019-13137: Fixed a memory leak in the ReadPSImage()\n(bsc#1140105).\n\nCVE-2019-13136: Fixed a integer overflow vulnerability in the\nTIFFSeekCustomStream() (bsc#1140104).\n\nCVE-2019-12976: Fixed a memory leak in the ReadPCLImage() in\ncoders/pcl.c(bsc#1140110).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 16, "cvss3": {"score": 8.8, "vector": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2019-08-12T00:00:00", "title": "SUSE SLED15 / SLES15 Security Update : ImageMagick (SUSE-SU-2019:2106-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-13300", "CVE-2019-13135", "CVE-2019-13298", "CVE-2019-13297", "CVE-2019-13134", "CVE-2019-13311", "CVE-2019-13303", "CVE-2019-13309", "CVE-2019-13137", "CVE-2019-13301", "CVE-2019-12976", "CVE-2019-13306", "CVE-2019-13302", "CVE-2019-13136", "CVE-2019-13307", "CVE-2019-13304", "CVE-2019-12978", "CVE-2019-13299", "CVE-2019-13310", "CVE-2019-13308", "CVE-2019-13454", "CVE-2019-12974", "CVE-2019-12977", "CVE-2019-13295", "CVE-2019-12979", "CVE-2019-13305", "CVE-2019-12975", "CVE-2019-13391", "CVE-2019-13296", "CVE-2019-13133"], "modified": "2019-08-12T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libMagickCore-7_Q16HDRI6-debuginfo", "p-cpe:/a:novell:suse_linux:ImageMagick-config-7-SUSE", "p-cpe:/a:novell:suse_linux:libMagickWand-7_Q16HDRI6-32bit-debuginfo", "p-cpe:/a:novell:suse_linux:libMagickWand-7_Q16HDRI6", "p-cpe:/a:novell:suse_linux:ImageMagick-debugsource", "p-cpe:/a:novell:suse_linux:ImageMagick-devel", "p-cpe:/a:novell:suse_linux:ImageMagick", "p-cpe:/a:novell:suse_linux:libMagickCore", "p-cpe:/a:novell:suse_linux:libMagick++-7_Q16HDRI4", "cpe:/o:novell:suse_linux:15", "p-cpe:/a:novell:suse_linux:ImageMagick-debuginfo", "p-cpe:/a:novell:suse_linux:perl-PerlMagick", "p-cpe:/a:novell:suse_linux:libMagick++-devel", "p-cpe:/a:novell:suse_linux:libMagickCore-7_Q16HDRI6", "p-cpe:/a:novell:suse_linux:ImageMagick-extra", "p-cpe:/a:novell:suse_linux:libMagick++-7_Q16HDRI4-32bit-debuginfo", "p-cpe:/a:novell:suse_linux:ImageMagick-extra-debuginfo", "p-cpe:/a:novell:suse_linux:libMagickWand-7_Q16HDRI6-debuginfo", "p-cpe:/a:novell:suse_linux:libMagickCore-7_Q16HDRI6-32bit-debuginfo", "p-cpe:/a:novell:suse_linux:libMagickWand", "p-cpe:/a:novell:suse_linux:libMagick++", "p-cpe:/a:novell:suse_linux:libMagick++-7_Q16HDRI4-debuginfo", "p-cpe:/a:novell:suse_linux:perl-PerlMagick-debuginfo", "p-cpe:/a:novell:suse_linux:ImageMagick-config-7-upstream"], "id": "SUSE_SU-2019-2106-1.NASL", "href": "https://www.tenable.com/plugins/nessus/127790", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2019:2106-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(127790);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/13\");\n\n script_cve_id(\"CVE-2019-12974\", \"CVE-2019-12975\", \"CVE-2019-12976\", \"CVE-2019-12977\", \"CVE-2019-12978\", \"CVE-2019-12979\", \"CVE-2019-13133\", \"CVE-2019-13134\", \"CVE-2019-13135\", \"CVE-2019-13136\", \"CVE-2019-13137\", \"CVE-2019-13295\", \"CVE-2019-13296\", \"CVE-2019-13297\", \"CVE-2019-13298\", \"CVE-2019-13299\", \"CVE-2019-13300\", \"CVE-2019-13301\", \"CVE-2019-13302\", \"CVE-2019-13303\", \"CVE-2019-13304\", \"CVE-2019-13305\", \"CVE-2019-13306\", \"CVE-2019-13307\", \"CVE-2019-13308\", \"CVE-2019-13309\", \"CVE-2019-13310\", \"CVE-2019-13311\", \"CVE-2019-13391\", \"CVE-2019-13454\");\n script_xref(name:\"IAVB\", value:\"2019-B-0062-S\");\n\n script_name(english:\"SUSE SLED15 / SLES15 Security Update : ImageMagick (SUSE-SU-2019:2106-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for ImageMagick fixes the following issues :\n\nCVE-2019-13301: Fixed a memory leak in AcquireMagickMemory()\n(bsc#1140554).\n\nCVE-2019-13309: Fixed a memory leak at AcquireMagickMemory due to\nmishandling the NoSuchImage error in CLIListOperatorImages\n(bsc#1140520).\n\nCVE-2019-13310: Fixed a memory leak at AcquireMagickMemory because of\nan error in MagickWand/mogrify.c (bsc#1140501).\n\nCVE-2019-13311: Fixed a memory leak at AcquireMagickMemory because of\na wand/mogrify.c error (bsc#1140513).\n\nCVE-2019-13303: Fixed a heap-based buffer over-read in\nMagickCore/composite.c in CompositeImage (bsc#1140549).\n\nCVE-2019-13296: Fixed a memory leak in AcquireMagickMemory because of\nan error in CLIListOperatorImages in MagickWand/operation.c\n(bsc#1140665).\n\nCVE-2019-13299: Fixed a heap-based buffer over-read at\nMagickCore/pixel-accessor.h in GetPixelChannel (bsc#1140668).\n\nCVE-2019-13454: Fixed a division by zero in RemoveDuplicateLayers in\nMagickCore/layer.c (bsc#1141171).\n\nCVE-2019-13295: Fixed a heap-based buffer over-read at\nMagickCore/threshold.c in AdaptiveThresholdImage (bsc#1140664).\n\nCVE-2019-13297: Fixed a heap-based buffer over-read at\nMagickCore/threshold.c in AdaptiveThresholdImage (bsc#1140666).\n\nCVE-2019-12979: Fixed the use of uninitialized values in\nSyncImageSettings() (bsc#1139886).\n\nCVE-2019-13391: Fixed a heap-based buffer over-read in\nMagickCore/fourier.c (bsc#1140673).\n\nCVE-2019-13308: Fixed a heap-based buffer overflow in\nMagickCore/fourier.c (bsc#1140534).\n\nCVE-2019-13302: Fixed a heap-based buffer over-read in\nMagickCore/fourier.c in ComplexImages (bsc#1140552).\n\nCVE-2019-13298: Fixed a heap-based buffer overflow at\nMagickCore/pixel-accessor.h in SetPixelViaPixelInfo (bsc#1140667).\n\nCVE-2019-13300: Fixed a heap-based buffer overflow at\nMagickCore/statistic.c in EvaluateImages (bsc#1140669).\n\nCVE-2019-13307: Fixed a heap-based buffer overflow at\nMagickCore/statistic.c (bsc#1140538).\n\nCVE-2019-12977: Fixed the use of uninitialized values in\nWriteJP2Imag() (bsc#1139884).\n\nCVE-2019-12975: Fixed a memory leak in the WriteDPXImage() in\ncoders/dpx.c (bsc#1140106).\n\nCVE-2019-13135: Fixed the use of uninitialized values in\nReadCUTImage() (bsc#1140103).\n\nCVE-2019-12978: Fixed the use of uninitialized values in\nReadPANGOImage() (bsc#1139885).\n\nCVE-2019-12974: Fixed a NULL pointer dereference in the\nReadPANGOImage() (bsc#1140111).\n\nCVE-2019-13304: Fixed a stack-based buffer overflow at coders/pnm.c in\nWritePNMImage (bsc#1140547).\n\nCVE-2019-13305: Fixed one more stack-based buffer overflow at\ncoders/pnm.c in WritePNMImage (bsc#1140545).\n\nCVE-2019-13306: Fixed an additional stack-based buffer overflow at\ncoders/pnm.c in WritePNMImage (bsc#1140543).\n\nCVE-2019-13133: Fixed a memory leak in the ReadBMPImage()\n(bsc#1140100).\n\nCVE-2019-13134: Fixed a memory leak in the ReadVIFFImage()\n(bsc#1140102).\n\nCVE-2019-13137: Fixed a memory leak in the ReadPSImage()\n(bsc#1140105).\n\nCVE-2019-13136: Fixed a integer overflow vulnerability in the\nTIFFSeekCustomStream() (bsc#1140104).\n\nCVE-2019-12976: Fixed a memory leak in the ReadPCLImage() in\ncoders/pcl.c(bsc#1140110).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1139884\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1139885\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1139886\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1140100\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1140102\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1140103\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1140104\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1140105\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1140106\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1140110\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1140111\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1140501\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1140513\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1140520\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1140534\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1140538\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1140543\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1140545\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1140547\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1140549\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1140552\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1140554\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1140664\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1140665\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1140666\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1140667\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1140668\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1140669\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1140673\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1141171\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-12974/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-12975/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-12976/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-12977/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-12978/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-12979/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-13133/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-13134/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-13135/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-13136/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-13137/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-13295/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-13296/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-13297/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-13298/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-13299/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-13300/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-13301/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-13302/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-13303/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-13304/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-13305/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-13306/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-13307/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-13308/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-13309/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-13310/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-13311/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-13391/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-13454/\"\n );\n # https://www.suse.com/support/update/announcement/2019/suse-su-20192106-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?f6befa13\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Module for Open Buildservice Development Tools\n15-SP1:zypper in -t patch\nSUSE-SLE-Module-Development-Tools-OBS-15-SP1-2019-2106=1\n\nSUSE Linux Enterprise Module for Open Buildservice Development Tools\n15:zypper in -t patch\nSUSE-SLE-Module-Development-Tools-OBS-15-2019-2106=1\n\nSUSE Linux Enterprise Module for Development Tools 15-SP1:zypper in -t\npatch SUSE-SLE-Module-Development-Tools-15-SP1-2019-2106=1\n\nSUSE Linux Enterprise Module for Development Tools 15:zypper in -t\npatch SUSE-SLE-Module-Development-Tools-15-2019-2106=1\n\nSUSE Linux Enterprise Module for Desktop Applications 15-SP1:zypper in\n-t patch SUSE-SLE-Module-Desktop-Applications-15-SP1-2019-2106=1\n\nSUSE Linux Enterprise Module for Desktop Applications 15:zypper in -t\npatch SUSE-SLE-Module-Desktop-Applications-15-2019-2106=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ImageMagick\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ImageMagick-config-7-SUSE\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ImageMagick-config-7-upstream\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ImageMagick-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ImageMagick-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ImageMagick-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ImageMagick-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ImageMagick-extra-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libMagick++\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libMagick++-7_Q16HDRI4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libMagick++-7_Q16HDRI4-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libMagick++-7_Q16HDRI4-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libMagick++-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libMagickCore\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libMagickCore-7_Q16HDRI6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libMagickCore-7_Q16HDRI6-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libMagickCore-7_Q16HDRI6-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libMagickWand\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libMagickWand-7_Q16HDRI6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libMagickWand-7_Q16HDRI6-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libMagickWand-7_Q16HDRI6-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:perl-PerlMagick\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:perl-PerlMagick-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/06/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/08/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED15|SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED15 / SLES15\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(0|1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES15 SP0/1\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED15\" && (! preg(pattern:\"^(0|1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED15 SP0/1\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"ImageMagick-devel-32bit-7.0.7.34-3.67.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"libMagick++-7_Q16HDRI4-32bit-7.0.7.34-3.67.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"libMagick++-7_Q16HDRI4-32bit-debuginfo-7.0.7.34-3.67.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"libMagick++-devel-32bit-7.0.7.34-3.67.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"libMagickCore-7_Q16HDRI6-32bit-7.0.7.34-3.67.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"libMagickCore-7_Q16HDRI6-32bit-debuginfo-7.0.7.34-3.67.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"libMagickWand-7_Q16HDRI6-32bit-7.0.7.34-3.67.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"libMagickWand-7_Q16HDRI6-32bit-debuginfo-7.0.7.34-3.67.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"ImageMagick-7.0.7.34-3.67.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"ImageMagick-config-7-SUSE-7.0.7.34-3.67.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"ImageMagick-config-7-upstream-7.0.7.34-3.67.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"ImageMagick-debuginfo-7.0.7.34-3.67.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"ImageMagick-debugsource-7.0.7.34-3.67.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"ImageMagick-devel-7.0.7.34-3.67.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"ImageMagick-extra-7.0.7.34-3.67.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"ImageMagick-extra-debuginfo-7.0.7.34-3.67.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libMagick++-7_Q16HDRI4-7.0.7.34-3.67.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libMagick++-7_Q16HDRI4-debuginfo-7.0.7.34-3.67.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libMagick++-devel-7.0.7.34-3.67.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libMagickCore-7_Q16HDRI6-7.0.7.34-3.67.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libMagickCore-7_Q16HDRI6-debuginfo-7.0.7.34-3.67.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libMagickWand-7_Q16HDRI6-7.0.7.34-3.67.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libMagickWand-7_Q16HDRI6-debuginfo-7.0.7.34-3.67.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"perl-PerlMagick-7.0.7.34-3.67.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"perl-PerlMagick-debuginfo-7.0.7.34-3.67.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"ImageMagick-7.0.7.34-3.67.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"ImageMagick-config-7-SUSE-7.0.7.34-3.67.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"ImageMagick-config-7-upstream-7.0.7.34-3.67.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"ImageMagick-debuginfo-7.0.7.34-3.67.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"ImageMagick-debugsource-7.0.7.34-3.67.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"ImageMagick-devel-7.0.7.34-3.67.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"ImageMagick-extra-7.0.7.34-3.67.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"ImageMagick-extra-debuginfo-7.0.7.34-3.67.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libMagick++-7_Q16HDRI4-7.0.7.34-3.67.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libMagick++-7_Q16HDRI4-debuginfo-7.0.7.34-3.67.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libMagick++-devel-7.0.7.34-3.67.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libMagickCore-7_Q16HDRI6-7.0.7.34-3.67.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libMagickCore-7_Q16HDRI6-debuginfo-7.0.7.34-3.67.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libMagickWand-7_Q16HDRI6-7.0.7.34-3.67.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libMagickWand-7_Q16HDRI6-debuginfo-7.0.7.34-3.67.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"perl-PerlMagick-7.0.7.34-3.67.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"perl-PerlMagick-debuginfo-7.0.7.34-3.67.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"ImageMagick-devel-32bit-7.0.7.34-3.67.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"libMagick++-7_Q16HDRI4-32bit-7.0.7.34-3.67.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"libMagick++-7_Q16HDRI4-32bit-debuginfo-7.0.7.34-3.67.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"libMagick++-devel-32bit-7.0.7.34-3.67.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"libMagickCore-7_Q16HDRI6-32bit-7.0.7.34-3.67.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"libMagickCore-7_Q16HDRI6-32bit-debuginfo-7.0.7.34-3.67.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"libMagickWand-7_Q16HDRI6-32bit-7.0.7.34-3.67.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"libMagickWand-7_Q16HDRI6-32bit-debuginfo-7.0.7.34-3.67.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"ImageMagick-7.0.7.34-3.67.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"ImageMagick-config-7-SUSE-7.0.7.34-3.67.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"ImageMagick-config-7-upstream-7.0.7.34-3.67.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"ImageMagick-debuginfo-7.0.7.34-3.67.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"ImageMagick-debugsource-7.0.7.34-3.67.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"ImageMagick-devel-7.0.7.34-3.67.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"ImageMagick-extra-7.0.7.34-3.67.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"ImageMagick-extra-debuginfo-7.0.7.34-3.67.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"libMagick++-7_Q16HDRI4-7.0.7.34-3.67.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"libMagick++-7_Q16HDRI4-debuginfo-7.0.7.34-3.67.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"libMagick++-devel-7.0.7.34-3.67.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"libMagickCore-7_Q16HDRI6-7.0.7.34-3.67.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"libMagickCore-7_Q16HDRI6-debuginfo-7.0.7.34-3.67.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"libMagickWand-7_Q16HDRI6-7.0.7.34-3.67.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"libMagickWand-7_Q16HDRI6-debuginfo-7.0.7.34-3.67.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"perl-PerlMagick-7.0.7.34-3.67.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"perl-PerlMagick-debuginfo-7.0.7.34-3.67.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"ImageMagick-7.0.7.34-3.67.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"ImageMagick-config-7-SUSE-7.0.7.34-3.67.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"ImageMagick-config-7-upstream-7.0.7.34-3.67.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"ImageMagick-debuginfo-7.0.7.34-3.67.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"ImageMagick-debugsource-7.0.7.34-3.67.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"ImageMagick-devel-7.0.7.34-3.67.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"ImageMagick-extra-7.0.7.34-3.67.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"ImageMagick-extra-debuginfo-7.0.7.34-3.67.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libMagick++-7_Q16HDRI4-7.0.7.34-3.67.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libMagick++-7_Q16HDRI4-debuginfo-7.0.7.34-3.67.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libMagick++-devel-7.0.7.34-3.67.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libMagickCore-7_Q16HDRI6-7.0.7.34-3.67.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libMagickCore-7_Q16HDRI6-debuginfo-7.0.7.34-3.67.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libMagickWand-7_Q16HDRI6-7.0.7.34-3.67.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libMagickWand-7_Q16HDRI6-debuginfo-7.0.7.34-3.67.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"perl-PerlMagick-7.0.7.34-3.67.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"perl-PerlMagick-debuginfo-7.0.7.34-3.67.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ImageMagick\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-09-24T09:09:13", "description": "This update for ImageMagick fixes the following issues :\n\n - CVE-2019-13301: Fixed a memory leak in\n AcquireMagickMemory() (bsc#1140554).\n\n - CVE-2019-13309: Fixed a memory leak at\n AcquireMagickMemory due to mishandling the NoSuchImage\n error in CLIListOperatorImages (bsc#1140520).\n\n - CVE-2019-13310: Fixed a memory leak at\n AcquireMagickMemory because of an error in\n MagickWand/mogrify.c (bsc#1140501).\n\n - CVE-2019-13311: Fixed a memory leak at\n AcquireMagickMemory because of a wand/mogrify.c error\n (bsc#1140513).\n\n - CVE-2019-13303: Fixed a heap-based buffer over-read in\n MagickCore/composite.c in CompositeImage (bsc#1140549).\n\n - CVE-2019-13296: Fixed a memory leak in\n AcquireMagickMemory because of an error in\n CLIListOperatorImages in MagickWand/operation.c\n (bsc#1140665).\n\n - CVE-2019-13299: Fixed a heap-based buffer over-read at\n MagickCore/pixel-accessor.h in GetPixelChannel\n (bsc#1140668).\n\n - CVE-2019-13454: Fixed a division by zero in\n RemoveDuplicateLayers in MagickCore/layer.c\n (bsc#1141171).\n\n - CVE-2019-13295: Fixed a heap-based buffer over-read at\n MagickCore/threshold.c in AdaptiveThresholdImage\n (bsc#1140664).\n\n - CVE-2019-13297: Fixed a heap-based buffer over-read at\n MagickCore/threshold.c in AdaptiveThresholdImage\n (bsc#1140666).\n\n - CVE-2019-12979: Fixed the use of uninitialized values in\n SyncImageSettings() (bsc#1139886).\n\n - CVE-2019-13391: Fixed a heap-based buffer over-read in\n MagickCore/fourier.c (bsc#1140673).\n\n - CVE-2019-13308: Fixed a heap-based buffer overflow in\n MagickCore/fourier.c (bsc#1140534).\n\n - CVE-2019-13302: Fixed a heap-based buffer over-read in\n MagickCore/fourier.c in ComplexImages (bsc#1140552).\n\n - CVE-2019-13298: Fixed a heap-based buffer overflow at\n MagickCore/pixel-accessor.h in SetPixelViaPixelInfo\n (bsc#1140667).\n\n - CVE-2019-13300: Fixed a heap-based buffer overflow at\n MagickCore/statistic.c in EvaluateImages (bsc#1140669).\n\n - CVE-2019-13307: Fixed a heap-based buffer overflow at\n MagickCore/statistic.c (bsc#1140538).\n\n - CVE-2019-12977: Fixed the use of uninitialized values in\n WriteJP2Imag() (bsc#1139884).\n\n - CVE-2019-12975: Fixed a memory leak in the\n WriteDPXImage() in coders/dpx.c (bsc#1140106).\n\n - CVE-2019-13135: Fixed the use of uninitialized values in\n ReadCUTImage() (bsc#1140103).\n\n - CVE-2019-12978: Fixed the use of uninitialized values in\n ReadPANGOImage() (bsc#1139885).\n\n - CVE-2019-12974: Fixed a NULL pointer dereference in the\n ReadPANGOImage() (bsc#1140111).\n\n - CVE-2019-13304: Fixed a stack-based buffer overflow at\n coders/pnm.c in WritePNMImage (bsc#1140547).\n\n - CVE-2019-13305: Fixed one more stack-based buffer\n overflow at coders/pnm.c in WritePNMImage (bsc#1140545).\n\n - CVE-2019-13306: Fixed an additional stack-based buffer\n overflow at coders/pnm.c in WritePNMImage (bsc#1140543).\n\n - CVE-2019-13133: Fixed a memory leak in the\n ReadBMPImage() (bsc#1140100).\n\n - CVE-2019-13134: Fixed a memory leak in the\n ReadVIFFImage() (bsc#1140102).\n\n - CVE-2019-13137: Fixed a memory leak in the ReadPSImage()\n (bsc#1140105).\n\n - CVE-2019-13136: Fixed a integer overflow vulnerability\n in the TIFFSeekCustomStream() (bsc#1140104).\n\n - CVE-2019-12976: Fixed a memory leak in the\n ReadPCLImage() in coders/pcl.c(bsc#1140110).\n\nThis update was imported from the SUSE:SLE-15:Update update project.", "edition": 16, "cvss3": {"score": 8.8, "vector": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2019-08-22T00:00:00", "title": "openSUSE Security Update : ImageMagick (openSUSE-2019-1983)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-13300", "CVE-2019-13135", "CVE-2019-13298", "CVE-2019-13297", "CVE-2019-13134", "CVE-2019-13311", "CVE-2019-13303", "CVE-2019-13309", "CVE-2019-13137", "CVE-2019-13301", "CVE-2019-12976", "CVE-2019-13306", "CVE-2019-13302", "CVE-2019-13136", "CVE-2019-13307", "CVE-2019-13304", "CVE-2019-12978", "CVE-2019-13299", "CVE-2019-13310", "CVE-2019-13308", "CVE-2019-13454", "CVE-2019-12974", "CVE-2019-12977", "CVE-2019-13295", "CVE-2019-12979", "CVE-2019-13305", "CVE-2019-12975", "CVE-2019-13391", "CVE-2019-13296", "CVE-2019-13133"], "modified": "2019-08-22T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:perl-PerlMagick-debuginfo", "p-cpe:/a:novell:opensuse:ImageMagick-debuginfo", "p-cpe:/a:novell:opensuse:libMagickWand-7_Q16HDRI6-32bit", "p-cpe:/a:novell:opensuse:libMagickCore-7_Q16HDRI6-debuginfo", "p-cpe:/a:novell:opensuse:ImageMagick-devel-32bit", "p-cpe:/a:novell:opensuse:libMagickWand-7_Q16HDRI6", "cpe:/o:novell:opensuse:15.1", "p-cpe:/a:novell:opensuse:ImageMagick-devel", "p-cpe:/a:novell:opensuse:libMagick++-7_Q16HDRI4-debuginfo", "p-cpe:/a:novell:opensuse:libMagickWand-7_Q16HDRI6-debuginfo", "p-cpe:/a:novell:opensuse:ImageMagick-config-7-SUSE", "p-cpe:/a:novell:opensuse:ImageMagick-extra", "p-cpe:/a:novell:opensuse:libMagickWand-7_Q16HDRI6-32bit-debuginfo", "p-cpe:/a:novell:opensuse:ImageMagick-debugsource", "p-cpe:/a:novell:opensuse:ImageMagick-extra-debuginfo", "p-cpe:/a:novell:opensuse:ImageMagick", "p-cpe:/a:novell:opensuse:ImageMagick-config-7-upstream", "p-cpe:/a:novell:opensuse:libMagickCore-7_Q16HDRI6", "p-cpe:/a:novell:opensuse:libMagickCore-7_Q16HDRI6-32bit", "p-cpe:/a:novell:opensuse:libMagick++-7_Q16HDRI4-32bit", "p-cpe:/a:novell:opensuse:libMagick++-devel-32bit", "p-cpe:/a:novell:opensuse:perl-PerlMagick", "p-cpe:/a:novell:opensuse:libMagickCore-7_Q16HDRI6-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libMagick++-devel", "p-cpe:/a:novell:opensuse:libMagick++-7_Q16HDRI4-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libMagick++-7_Q16HDRI4"], "id": "OPENSUSE-2019-1983.NASL", "href": "https://www.tenable.com/plugins/nessus/128070", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2019-1983.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(128070);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/09/23\");\n\n script_cve_id(\"CVE-2019-12974\", \"CVE-2019-12975\", \"CVE-2019-12976\", \"CVE-2019-12977\", \"CVE-2019-12978\", \"CVE-2019-12979\", \"CVE-2019-13133\", \"CVE-2019-13134\", \"CVE-2019-13135\", \"CVE-2019-13136\", \"CVE-2019-13137\", \"CVE-2019-13295\", \"CVE-2019-13296\", \"CVE-2019-13297\", \"CVE-2019-13298\", \"CVE-2019-13299\", \"CVE-2019-13300\", \"CVE-2019-13301\", \"CVE-2019-13302\", \"CVE-2019-13303\", \"CVE-2019-13304\", \"CVE-2019-13305\", \"CVE-2019-13306\", \"CVE-2019-13307\", \"CVE-2019-13308\", \"CVE-2019-13309\", \"CVE-2019-13310\", \"CVE-2019-13311\", \"CVE-2019-13391\", \"CVE-2019-13454\");\n script_xref(name:\"IAVB\", value:\"2019-B-0062-S\");\n\n script_name(english:\"openSUSE Security Update : ImageMagick (openSUSE-2019-1983)\");\n script_summary(english:\"Check for the openSUSE-2019-1983 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for ImageMagick fixes the following issues :\n\n - CVE-2019-13301: Fixed a memory leak in\n AcquireMagickMemory() (bsc#1140554).\n\n - CVE-2019-13309: Fixed a memory leak at\n AcquireMagickMemory due to mishandling the NoSuchImage\n error in CLIListOperatorImages (bsc#1140520).\n\n - CVE-2019-13310: Fixed a memory leak at\n AcquireMagickMemory because of an error in\n MagickWand/mogrify.c (bsc#1140501).\n\n - CVE-2019-13311: Fixed a memory leak at\n AcquireMagickMemory because of a wand/mogrify.c error\n (bsc#1140513).\n\n - CVE-2019-13303: Fixed a heap-based buffer over-read in\n MagickCore/composite.c in CompositeImage (bsc#1140549).\n\n - CVE-2019-13296: Fixed a memory leak in\n AcquireMagickMemory because of an error in\n CLIListOperatorImages in MagickWand/operation.c\n (bsc#1140665).\n\n - CVE-2019-13299: Fixed a heap-based buffer over-read at\n MagickCore/pixel-accessor.h in GetPixelChannel\n (bsc#1140668).\n\n - CVE-2019-13454: Fixed a division by zero in\n RemoveDuplicateLayers in MagickCore/layer.c\n (bsc#1141171).\n\n - CVE-2019-13295: Fixed a heap-based buffer over-read at\n MagickCore/threshold.c in AdaptiveThresholdImage\n (bsc#1140664).\n\n - CVE-2019-13297: Fixed a heap-based buffer over-read at\n MagickCore/threshold.c in AdaptiveThresholdImage\n (bsc#1140666).\n\n - CVE-2019-12979: Fixed the use of uninitialized values in\n SyncImageSettings() (bsc#1139886).\n\n - CVE-2019-13391: Fixed a heap-based buffer over-read in\n MagickCore/fourier.c (bsc#1140673).\n\n - CVE-2019-13308: Fixed a heap-based buffer overflow in\n MagickCore/fourier.c (bsc#1140534).\n\n - CVE-2019-13302: Fixed a heap-based buffer over-read in\n MagickCore/fourier.c in ComplexImages (bsc#1140552).\n\n - CVE-2019-13298: Fixed a heap-based buffer overflow at\n MagickCore/pixel-accessor.h in SetPixelViaPixelInfo\n (bsc#1140667).\n\n - CVE-2019-13300: Fixed a heap-based buffer overflow at\n MagickCore/statistic.c in EvaluateImages (bsc#1140669).\n\n - CVE-2019-13307: Fixed a heap-based buffer overflow at\n MagickCore/statistic.c (bsc#1140538).\n\n - CVE-2019-12977: Fixed the use of uninitialized values in\n WriteJP2Imag() (bsc#1139884).\n\n - CVE-2019-12975: Fixed a memory leak in the\n WriteDPXImage() in coders/dpx.c (bsc#1140106).\n\n - CVE-2019-13135: Fixed the use of uninitialized values in\n ReadCUTImage() (bsc#1140103).\n\n - CVE-2019-12978: Fixed the use of uninitialized values in\n ReadPANGOImage() (bsc#1139885).\n\n - CVE-2019-12974: Fixed a NULL pointer dereference in the\n ReadPANGOImage() (bsc#1140111).\n\n - CVE-2019-13304: Fixed a stack-based buffer overflow at\n coders/pnm.c in WritePNMImage (bsc#1140547).\n\n - CVE-2019-13305: Fixed one more stack-based buffer\n overflow at coders/pnm.c in WritePNMImage (bsc#1140545).\n\n - CVE-2019-13306: Fixed an additional stack-based buffer\n overflow at coders/pnm.c in WritePNMImage (bsc#1140543).\n\n - CVE-2019-13133: Fixed a memory leak in the\n ReadBMPImage() (bsc#1140100).\n\n - CVE-2019-13134: Fixed a memory leak in the\n ReadVIFFImage() (bsc#1140102).\n\n - CVE-2019-13137: Fixed a memory leak in the ReadPSImage()\n (bsc#1140105).\n\n - CVE-2019-13136: Fixed a integer overflow vulnerability\n in the TIFFSeekCustomStream() (bsc#1140104).\n\n - CVE-2019-12976: Fixed a memory leak in the\n ReadPCLImage() in coders/pcl.c(bsc#1140110).\n\nThis update was imported from the SUSE:SLE-15:Update update project.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1139884\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1139885\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1139886\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1140100\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1140102\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1140103\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1140104\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1140105\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1140106\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1140110\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1140111\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1140501\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1140513\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1140520\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1140534\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1140538\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1140543\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1140545\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1140547\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1140549\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1140552\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1140554\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1140664\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1140665\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1140666\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1140667\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1140668\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1140669\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1140673\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1141171\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected ImageMagick packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ImageMagick\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ImageMagick-config-7-SUSE\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ImageMagick-config-7-upstream\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ImageMagick-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ImageMagick-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ImageMagick-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ImageMagick-devel-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ImageMagick-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ImageMagick-extra-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libMagick++-7_Q16HDRI4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libMagick++-7_Q16HDRI4-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libMagick++-7_Q16HDRI4-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libMagick++-7_Q16HDRI4-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libMagick++-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libMagick++-devel-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libMagickCore-7_Q16HDRI6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libMagickCore-7_Q16HDRI6-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libMagickCore-7_Q16HDRI6-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libMagickCore-7_Q16HDRI6-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libMagickWand-7_Q16HDRI6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libMagickWand-7_Q16HDRI6-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libMagickWand-7_Q16HDRI6-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libMagickWand-7_Q16HDRI6-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:perl-PerlMagick\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:perl-PerlMagick-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/06/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/08/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/22\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.1\", reference:\"ImageMagick-7.0.7.34-lp151.7.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"ImageMagick-config-7-SUSE-7.0.7.34-lp151.7.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"ImageMagick-config-7-upstream-7.0.7.34-lp151.7.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"ImageMagick-debuginfo-7.0.7.34-lp151.7.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"ImageMagick-debugsource-7.0.7.34-lp151.7.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"ImageMagick-devel-7.0.7.34-lp151.7.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"ImageMagick-extra-7.0.7.34-lp151.7.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"ImageMagick-extra-debuginfo-7.0.7.34-lp151.7.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libMagick++-7_Q16HDRI4-7.0.7.34-lp151.7.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libMagick++-7_Q16HDRI4-debuginfo-7.0.7.34-lp151.7.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libMagick++-devel-7.0.7.34-lp151.7.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libMagickCore-7_Q16HDRI6-7.0.7.34-lp151.7.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libMagickCore-7_Q16HDRI6-debuginfo-7.0.7.34-lp151.7.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libMagickWand-7_Q16HDRI6-7.0.7.34-lp151.7.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libMagickWand-7_Q16HDRI6-debuginfo-7.0.7.34-lp151.7.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"perl-PerlMagick-7.0.7.34-lp151.7.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"perl-PerlMagick-debuginfo-7.0.7.34-lp151.7.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"ImageMagick-devel-32bit-7.0.7.34-lp151.7.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"libMagick++-7_Q16HDRI4-32bit-7.0.7.34-lp151.7.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"libMagick++-7_Q16HDRI4-32bit-debuginfo-7.0.7.34-lp151.7.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"libMagick++-devel-32bit-7.0.7.34-lp151.7.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"libMagickCore-7_Q16HDRI6-32bit-7.0.7.34-lp151.7.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"libMagickCore-7_Q16HDRI6-32bit-debuginfo-7.0.7.34-lp151.7.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"libMagickWand-7_Q16HDRI6-32bit-7.0.7.34-lp151.7.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"libMagickWand-7_Q16HDRI6-32bit-debuginfo-7.0.7.34-lp151.7.9.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ImageMagick / ImageMagick-config-7-SUSE / etc\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-03-01T02:48:45", "description": "cvedetails.com reports :\n\nCVE-2019-7175: In ImageMagick before 7.0.8-25, some memory leaks exist\nin DecodeImage in coders/pcd.c.\n\nCVE-2019-7395: In ImageMagick before 7.0.8-25, a memory leak exists in\nWritePSDChannel in coders/psd.c.\n\nCVE-2019-7396: In ImageMagick before 7.0.8-25, a memory leak exists in\nReadSIXELImage in coders/sixel.c.\n\nCVE-2019-7397: In ImageMagick before 7.0.8-25 and GraphicsMagick\nthrough 1.3.31, several memory leaks exist in WritePDFImage in\ncoders/pdf.c.\n\nCVE-2019-7398: In ImageMagick before 7.0.8-25, a memory leak exists in\nWriteDIBImage in coders/dib.c.\n\nCVE-2019-9956: In ImageMagick 7.0.8-35 Q16, there is a stack-based\nbuffer overflow in the function PopHexPixel of coders/ps.c, which\nallows an attacker to cause a denial of service or code execution via\na crafted image file.\n\nCVE-2019-10131: An off-by-one read vulnerability was discovered in\nImageMagick before version 7.0.7-28 in the formatIPTCfromBuffer\nfunction in coders/meta.c. A local attacker may use this flaw to read\nbeyond the end of the buffer or to crash the program.\n\nCVE-2019-10649: In ImageMagick 7.0.8-36 Q16, there is a memory leak in\nthe function SVGKeyValuePairs of coders/svg.c, which allows an\nattacker to cause a denial of service via a crafted image file.\n\nCVE-2019-10650: In ImageMagick 7.0.8-36 Q16, there is a heap-based\nbuffer over-read in the function WriteTIFFImage of coders/tiff.c,\nwhich allows an attacker to cause a denial of service or information\ndisclosure via a crafted image file.\n\nCVE-2019-10714: LocaleLowercase in MagickCore/locale.c in ImageMagick\nbefore 7.0.8-32 allows out-of-bounds access, leading to a SIGSEGV.\n\nCVE-2019-11470: The cineon parsing component in ImageMagick 7.0.8-26\nQ16 allows attackers to cause a denial-of-service (uncontrolled\nresource consumption) by crafting a Cineon image with an incorrect\nclaimed image size. This occurs because ReadCINImage in coders/cin.c\nlacks a check for insufficient image data in a file.\n\nCVE-2019-11472: ReadXWDImage in coders/xwd.c in the XWD image parsing\ncomponent of ImageMagick 7.0.8-41 Q16 allows attackers to cause a\ndenial-of-service (divide-by-zero error) by crafting an XWD image file\nin which the header indicates neither LSB first nor MSB first.\n\nCVE-2019-11597: In ImageMagick 7.0.8-43 Q16, there is a heap-based\nbuffer over-read in the function WriteTIFFImage of coders/tiff.c,\nwhich allows an attacker to cause a denial of service or possibly\ninformation disclosure via a crafted image file.\n\nCVE-2019-11598: In ImageMagick 7.0.8-40 Q16, there is a heap-based\nbuffer over-read in the function WritePNMImage of coders/pnm.c, which\nallows an attacker to cause a denial of service or possibly\ninformation disclosure via a crafted image file. This is related to\nSetGrayscaleImage in MagickCore/quantize.c.", "edition": 19, "cvss3": {"score": 8.8, "vector": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2019-05-31T00:00:00", "title": "FreeBSD : ImageMagick -- multiple vulnerabilities (183d700e-ec70-487e-a9c4-632324afa934)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-10650", "CVE-2019-7175", "CVE-2019-10714", "CVE-2019-10131", "CVE-2019-11598", "CVE-2019-7395", "CVE-2019-7396", "CVE-2019-7398", "CVE-2019-9956", "CVE-2019-11597", "CVE-2019-11472", "CVE-2019-10649", "CVE-2019-11470", "CVE-2019-7397"], "modified": "2021-03-02T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:ImageMagick6-nox11", "cpe:/o:freebsd:freebsd", "p-cpe:/a:freebsd:freebsd:ImageMagick7", "p-cpe:/a:freebsd:freebsd:ImageMagick6", "p-cpe:/a:freebsd:freebsd:ImageMagick7-nox11"], "id": "FREEBSD_PKG_183D700EEC70487EA9C4632324AFA934.NASL", "href": "https://www.tenable.com/plugins/nessus/125614", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2020 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(125614);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2020/01/13\");\n\n script_cve_id(\"CVE-2019-10131\", \"CVE-2019-10649\", \"CVE-2019-10650\", \"CVE-2019-10714\", \"CVE-2019-11470\", \"CVE-2019-11472\", \"CVE-2019-11597\", \"CVE-2019-11598\", \"CVE-2019-7175\", \"CVE-2019-7395\", \"CVE-2019-7396\", \"CVE-2019-7397\", \"CVE-2019-7398\", \"CVE-2019-9956\");\n\n script_name(english:\"FreeBSD : ImageMagick -- multiple vulnerabilities (183d700e-ec70-487e-a9c4-632324afa934)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"cvedetails.com reports :\n\nCVE-2019-7175: In ImageMagick before 7.0.8-25, some memory leaks exist\nin DecodeImage in coders/pcd.c.\n\nCVE-2019-7395: In ImageMagick before 7.0.8-25, a memory leak exists in\nWritePSDChannel in coders/psd.c.\n\nCVE-2019-7396: In ImageMagick before 7.0.8-25, a memory leak exists in\nReadSIXELImage in coders/sixel.c.\n\nCVE-2019-7397: In ImageMagick before 7.0.8-25 and GraphicsMagick\nthrough 1.3.31, several memory leaks exist in WritePDFImage in\ncoders/pdf.c.\n\nCVE-2019-7398: In ImageMagick before 7.0.8-25, a memory leak exists in\nWriteDIBImage in coders/dib.c.\n\nCVE-2019-9956: In ImageMagick 7.0.8-35 Q16, there is a stack-based\nbuffer overflow in the function PopHexPixel of coders/ps.c, which\nallows an attacker to cause a denial of service or code execution via\na crafted image file.\n\nCVE-2019-10131: An off-by-one read vulnerability was discovered in\nImageMagick before version 7.0.7-28 in the formatIPTCfromBuffer\nfunction in coders/meta.c. A local attacker may use this flaw to read\nbeyond the end of the buffer or to crash the program.\n\nCVE-2019-10649: In ImageMagick 7.0.8-36 Q16, there is a memory leak in\nthe function SVGKeyValuePairs of coders/svg.c, which allows an\nattacker to cause a denial of service via a crafted image file.\n\nCVE-2019-10650: In ImageMagick 7.0.8-36 Q16, there is a heap-based\nbuffer over-read in the function WriteTIFFImage of coders/tiff.c,\nwhich allows an attacker to cause a denial of service or information\ndisclosure via a crafted image file.\n\nCVE-2019-10714: LocaleLowercase in MagickCore/locale.c in ImageMagick\nbefore 7.0.8-32 allows out-of-bounds access, leading to a SIGSEGV.\n\nCVE-2019-11470: The cineon parsing component in ImageMagick 7.0.8-26\nQ16 allows attackers to cause a denial-of-service (uncontrolled\nresource consumption) by crafting a Cineon image with an incorrect\nclaimed image size. This occurs because ReadCINImage in coders/cin.c\nlacks a check for insufficient image data in a file.\n\nCVE-2019-11472: ReadXWDImage in coders/xwd.c in the XWD image parsing\ncomponent of ImageMagick 7.0.8-41 Q16 allows attackers to cause a\ndenial-of-service (divide-by-zero error) by crafting an XWD image file\nin which the header indicates neither LSB first nor MSB first.\n\nCVE-2019-11597: In ImageMagick 7.0.8-43 Q16, there is a heap-based\nbuffer over-read in the function WriteTIFFImage of coders/tiff.c,\nwhich allows an attacker to cause a denial of service or possibly\ninformation disclosure via a crafted image file.\n\nCVE-2019-11598: In ImageMagick 7.0.8-40 Q16, there is a heap-based\nbuffer over-read in the function WritePNMImage of coders/pnm.c, which\nallows an attacker to cause a denial of service or possibly\ninformation disclosure via a crafted image file. This is related to\nSetGrayscaleImage in MagickCore/quantize.c.\"\n );\n # https://www.cvedetails.com/vulnerability-list/vendor_id-1749/Imagemagick.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?1f4e659e\"\n );\n # https://vuxml.freebsd.org/freebsd/183d700e-ec70-487e-a9c4-632324afa934.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?df154b9c\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-9956\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:ImageMagick6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:ImageMagick6-nox11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:ImageMagick7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:ImageMagick7-nox11\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/03/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/05/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/05/31\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"ImageMagick7<7.0.8.47\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"ImageMagick7-nox11<7.0.8.47\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"ImageMagick6<6.9.10.47,1\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"ImageMagick6-nox11<6.9.10.47,1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "ubuntu": [{"lastseen": "2020-07-02T11:32:43", "bulletinFamily": "unix", "cvelist": ["CVE-2019-13300", "CVE-2019-13135", "CVE-2019-13297", "CVE-2019-16713", "CVE-2019-13311", "CVE-2019-13309", "CVE-2019-13137", "CVE-2019-13301", "CVE-2019-12976", "CVE-2019-13306", "CVE-2019-16710", "CVE-2019-13307", "CVE-2019-13304", "CVE-2019-12978", "CVE-2019-16711", "CVE-2019-13310", "CVE-2019-13308", "CVE-2019-13454", "CVE-2019-12974", "CVE-2019-12977", "CVE-2019-13295", "CVE-2019-12979", "CVE-2019-16708", "CVE-2019-13305", "CVE-2019-14981", "CVE-2019-12975", "CVE-2019-13391", "CVE-2019-16709", "CVE-2019-15140", "CVE-2019-15139"], "description": "It was discovered that ImageMagick incorrectly handled certain malformed \nimage files. If a user or automated system using ImageMagick were tricked \ninto opening a specially crafted image, an attacker could exploit this to \ncause a denial of service or possibly execute code with the privileges of \nthe user invoking the program.", "edition": 2, "modified": "2019-11-14T00:00:00", "published": "2019-11-14T00:00:00", "id": "USN-4192-1", "href": "https://ubuntu.com/security/notices/USN-4192-1", "title": "ImageMagick vulnerabilities", "type": "ubuntu", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "suse": [{"lastseen": "2019-08-21T16:48:30", "bulletinFamily": "unix", "cvelist": ["CVE-2019-13300", "CVE-2019-13135", "CVE-2019-13298", "CVE-2019-13297", "CVE-2019-13134", "CVE-2019-13311", "CVE-2019-13303", "CVE-2019-13309", "CVE-2019-13137", "CVE-2019-13301", "CVE-2019-12976", "CVE-2019-13306", "CVE-2019-13302", "CVE-2019-13136", "CVE-2019-13307", "CVE-2019-13304", "CVE-2019-12978", "CVE-2019-13299", "CVE-2019-13310", "CVE-2019-13308", "CVE-2019-13454", "CVE-2019-12974", "CVE-2019-12977", "CVE-2019-13295", "CVE-2019-12979", "CVE-2019-13305", "CVE-2019-12975", "CVE-2019-13391", "CVE-2019-13296", "CVE-2019-13133"], "description": "This update for ImageMagick fixes the following issues:\n\n - CVE-2019-13301: Fixed a memory leak in AcquireMagickMemory()\n (bsc#1140554).\n - CVE-2019-13309: Fixed a memory leak at AcquireMagickMemory due to\n mishandling the NoSuchImage error in CLIListOperatorImages (bsc#1140520).\n - CVE-2019-13310: Fixed a memory leak at AcquireMagickMemory because of an\n error in MagickWand/mogrify.c (bsc#1140501).\n - CVE-2019-13311: Fixed a memory leak at AcquireMagickMemory because of a\n wand/mogrify.c error (bsc#1140513).\n - CVE-2019-13303: Fixed a heap-based buffer over-read in\n MagickCore/composite.c in CompositeImage (bsc#1140549).\n - CVE-2019-13296: Fixed a memory leak in AcquireMagickMemory because of an\n error in CLIListOperatorImages in MagickWand/operation.c (bsc#1140665).\n - CVE-2019-13299: Fixed a heap-based buffer over-read at\n MagickCore/pixel-accessor.h in GetPixelChannel (bsc#1140668).\n - CVE-2019-13454: Fixed a division by zero in RemoveDuplicateLayers in\n MagickCore/layer.c (bsc#1141171).\n - CVE-2019-13295: Fixed a heap-based buffer over-read at\n MagickCore/threshold.c in AdaptiveThresholdImage (bsc#1140664).\n - CVE-2019-13297: Fixed a heap-based buffer over-read at\n MagickCore/threshold.c in AdaptiveThresholdImage (bsc#1140666).\n - CVE-2019-12979: Fixed the use of uninitialized values in\n SyncImageSettings() (bsc#1139886).\n - CVE-2019-13391: Fixed a heap-based buffer over-read in\n MagickCore/fourier.c (bsc#1140673).\n - CVE-2019-13308: Fixed a heap-based buffer overflow in\n MagickCore/fourier.c (bsc#1140534).\n - CVE-2019-13302: Fixed a heap-based buffer over-read in\n MagickCore/fourier.c in ComplexImages (bsc#1140552).\n - CVE-2019-13298: Fixed a heap-based buffer overflow at\n MagickCore/pixel-accessor.h in SetPixelViaPixelInfo (bsc#1140667).\n - CVE-2019-13300: Fixed a heap-based buffer overflow at\n MagickCore/statistic.c in EvaluateImages (bsc#1140669).\n - CVE-2019-13307: Fixed a heap-based buffer overflow at\n MagickCore/statistic.c (bsc#1140538).\n - CVE-2019-12977: Fixed the use of uninitialized values in WriteJP2Imag()\n (bsc#1139884).\n - CVE-2019-12975: Fixed a memory leak in the WriteDPXImage() in\n coders/dpx.c (bsc#1140106).\n - CVE-2019-13135: Fixed the use of uninitialized values in ReadCUTImage()\n (bsc#1140103).\n - CVE-2019-12978: Fixed the use of uninitialized values in\n ReadPANGOImage() (bsc#1139885).\n - CVE-2019-12974: Fixed a NULL pointer dereference in the ReadPANGOImage()\n (bsc#1140111).\n - CVE-2019-13304: Fixed a stack-based buffer overflow at coders/pnm.c in\n WritePNMImage (bsc#1140547).\n - CVE-2019-13305: Fixed one more stack-based buffer overflow at\n coders/pnm.c in WritePNMImage (bsc#1140545).\n - CVE-2019-13306: Fixed an additional stack-based buffer overflow at\n coders/pnm.c in WritePNMImage (bsc#1140543).\n - CVE-2019-13133: Fixed a memory leak in the ReadBMPImage() (bsc#1140100).\n - CVE-2019-13134: Fixed a memory leak in the ReadVIFFImage() (bsc#1140102).\n - CVE-2019-13137: Fixed a memory leak in the ReadPSImage() (bsc#1140105).\n - CVE-2019-13136: Fixed a integer overflow vulnerability in the\n TIFFSeekCustomStream() (bsc#1140104).\n - CVE-2019-12976: Fixed a memory leak in the ReadPCLImage() in\n coders/pcl.c(bsc#1140110).\n\n This update was imported from the SUSE:SLE-15:Update update project.\n\n", "edition": 1, "modified": "2019-08-21T15:12:09", "published": "2019-08-21T15:12:09", "id": "OPENSUSE-SU-2019:1983-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html", "title": "Security update for ImageMagick (moderate)", "type": "suse", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-11-17T11:21:03", "bulletinFamily": "unix", "cvelist": ["CVE-2019-16713", "CVE-2019-14980", "CVE-2019-16710", "CVE-2019-16711", "CVE-2019-16712", "CVE-2019-16708", "CVE-2019-14981", "CVE-2019-15141", "CVE-2019-16709", "CVE-2019-15140", "CVE-2019-15139"], "description": "This update for ImageMagick fixes the following issues:\n\n Security issues fixed:\n\n - CVE-2019-15139: Fixed a denial-of-service vulnerability in ReadXWDImage\n (bsc#1146213).\n - CVE-2019-15140: Fixed a use-after-free bug in the Matlab image parser\n (bsc#1146212).\n - CVE-2019-15141: Fixed a divide-by-zero vulnerability in the\n MeanShiftImage function (bsc#1146211).\n - CVE-2019-14980: Fixed an application crash resulting from a heap-based\n buffer over-read in WriteTIFFImage (bsc#1146068).\n - CVE-2019-14981: Fixed a use after free in the UnmapBlob function\n (bsc#1146065).\n - CVE-2019-16708: Fixed a memory leak in magick/xwindow.c (bsc#1151781).\n - CVE-2019-16709: Fixed a memory leak in coders/dps.c (bsc#1151782).\n - CVE-2019-16710: Fixed a memory leak in coders/dot.c (bsc#1151783).\n - CVE-2019-16711: Fixed a memory leak in Huffman2DEncodeImage in\n coders/ps2.c (bsc#1151784).\n - CVE-2019-16712: Fixed a memory leak in Huffman2DEncodeImage in\n coders/ps3.c (bsc#1151785).\n - CVE-2019-16713: Fixed a memory leak in coders/dot.c (bsc#1151786).\n\n This update was imported from the SUSE:SLE-15:Update update project.\n\n", "edition": 1, "modified": "2019-11-16T15:10:55", "published": "2019-11-16T15:10:55", "id": "OPENSUSE-SU-2019:2519-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html", "title": "Security update for ImageMagick (moderate)", "type": "suse", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-11-17T11:21:03", "bulletinFamily": "unix", "cvelist": ["CVE-2019-16713", "CVE-2019-14980", "CVE-2019-16710", "CVE-2019-16711", "CVE-2019-16712", "CVE-2019-16708", "CVE-2019-14981", "CVE-2019-15141", "CVE-2019-16709", "CVE-2019-15140", "CVE-2019-15139"], "description": "This update for ImageMagick fixes the following issues:\n\n Security issues fixed:\n\n - CVE-2019-15139: Fixed a denial-of-service vulnerability in ReadXWDImage\n (bsc#1146213).\n - CVE-2019-15140: Fixed a use-after-free bug in the Matlab image parser\n (bsc#1146212).\n - CVE-2019-15141: Fixed a divide-by-zero vulnerability in the\n MeanShiftImage function (bsc#1146211).\n - CVE-2019-14980: Fixed an application crash resulting from a heap-based\n buffer over-read in WriteTIFFImage (bsc#1146068).\n - CVE-2019-14981: Fixed a use after free in the UnmapBlob function\n (bsc#1146065).\n - CVE-2019-16708: Fixed a memory leak in magick/xwindow.c (bsc#1151781).\n - CVE-2019-16709: Fixed a memory leak in coders/dps.c (bsc#1151782).\n - CVE-2019-16710: Fixed a memory leak in coders/dot.c (bsc#1151783).\n - CVE-2019-16711: Fixed a memory leak in Huffman2DEncodeImage in\n coders/ps2.c (bsc#1151784).\n - CVE-2019-16712: Fixed a memory leak in Huffman2DEncodeImage in\n coders/ps3.c (bsc#1151785).\n - CVE-2019-16713: Fixed a memory leak in coders/dot.c (bsc#1151786).\n\n This update was imported from the SUSE:SLE-15:Update update project.\n\n", "edition": 1, "modified": "2019-11-15T12:11:47", "published": "2019-11-15T12:11:47", "id": "OPENSUSE-SU-2019:2515-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html", "title": "Security update for ImageMagick (moderate)", "type": "suse", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "freebsd": [{"lastseen": "2019-06-17T08:41:41", "bulletinFamily": "unix", "cvelist": ["CVE-2019-10650", "CVE-2019-7175", "CVE-2019-10714", "CVE-2019-10131", "CVE-2019-11598", "CVE-2019-7395", "CVE-2019-7396", "CVE-2019-7398", "CVE-2019-9956", "CVE-2019-11597", "CVE-2019-11472", "CVE-2019-10649", "CVE-2019-11470", "CVE-2019-7397"], "description": "\ncvedetails.com reports:\n\nCVE-2019-7175: In ImageMagick before 7.0.8-25, some memory leaks exist in DecodeImage in coders/pcd.c.\nCVE-2019-7395: In ImageMagick before 7.0.8-25, a memory leak exists in WritePSDChannel in coders/psd.c.\nCVE-2019-7396: In ImageMagick before 7.0.8-25, a memory leak exists in ReadSIXELImage in coders/sixel.c.\nCVE-2019-7397: In ImageMagick before 7.0.8-25 and GraphicsMagick through 1.3.31, several memory leaks exist in WritePDFImage in coders/pdf.c.\nCVE-2019-7398: In ImageMagick before 7.0.8-25, a memory leak exists in WriteDIBImage in coders/dib.c.\nCVE-2019-9956: In ImageMagick 7.0.8-35 Q16, there is a stack-based buffer overflow in the function PopHexPixel of coders/ps.c, which allows an attacker to cause a denial of service or code execution via a crafted image file.\nCVE-2019-10131: An off-by-one read vulnerability was discovered in ImageMagick before version 7.0.7-28 in the formatIPTCfromBuffer function in coders/meta.c. A local attacker may use this flaw to read beyond the end of the buffer or to crash the program.\nCVE-2019-10649: In ImageMagick 7.0.8-36 Q16, there is a memory leak in the function SVGKeyValuePairs of coders/svg.c, which allows an attacker to cause a denial of service via a crafted image file.\nCVE-2019-10650: In ImageMagick 7.0.8-36 Q16, there is a heap-based buffer over-read in the function WriteTIFFImage of coders/tiff.c, which allows an attacker to cause a denial of service or information disclosure via a crafted image file.\nCVE-2019-10714: LocaleLowercase in MagickCore/locale.c in ImageMagick before 7.0.8-32 allows out-of-bounds access, leading to a SIGSEGV.\nCVE-2019-11470: The cineon parsing component in ImageMagick 7.0.8-26 Q16 allows attackers to cause a denial-of-service (uncontrolled resource consumption) by crafting a Cineon image with an incorrect claimed image size. This occurs because ReadCINImage in coders/cin.c lacks a check for insufficient image data in a file.\nCVE-2019-11472: ReadXWDImage in coders/xwd.c in the XWD image parsing component of ImageMagick 7.0.8-41 Q16 allows attackers to cause a denial-of-service (divide-by-zero error) by crafting an XWD image file in which the header indicates neither LSB first nor MSB first.\nCVE-2019-11597: In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer over-read in the function WriteTIFFImage of coders/tiff.c, which allows an attacker to cause a denial of service or possibly information disclosure via a crafted image file.\nCVE-2019-11598: In ImageMagick 7.0.8-40 Q16, there is a heap-based buffer over-read in the function WritePNMImage of coders/pnm.c, which allows an attacker to cause a denial of service or possibly information disclosure via a crafted image file. This is related to SetGrayscaleImage in MagickCore/quantize.c.\n\n", "edition": 5, "modified": "2019-06-17T00:00:00", "published": "2019-03-07T00:00:00", "id": "183D700E-EC70-487E-A9C4-632324AFA934", "href": "https://vuxml.freebsd.org/freebsd/183d700e-ec70-487e-a9c4-632324afa934.html", "title": "ImageMagick -- multiple vulnerabilities", "type": "freebsd", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}], "cve": [{"lastseen": "2021-02-02T07:12:50", "description": "ImageMagick before 7.0.8-50 has a memory leak vulnerability in the function ReadPSImage in coders/ps.c.", "edition": 13, "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 6.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 3.6}, "published": "2019-07-01T20:15:00", "title": "CVE-2019-13137", "type": "cve", "cwe": ["CWE-401"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-13137"], "modified": "2020-08-24T17:37:00", "cpe": [], "id": "CVE-2019-13137", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-13137", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}, "cpe23": []}, {"lastseen": "2021-02-02T07:12:54", "description": "ImageMagick 7.0.8-43 has a memory leak in coders/dot.c, as demonstrated by PingImage in MagickCore/constitute.c.", "edition": 8, "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 6.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 3.6}, "published": "2019-09-23T12:15:00", "title": "CVE-2019-16713", "type": "cve", "cwe": ["CWE-772"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-16713"], "modified": "2020-07-01T12:15:00", "cpe": ["cpe:/a:imagemagick:imagemagick:7.0.8-43"], "id": "CVE-2019-16713", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-16713", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:imagemagick:imagemagick:7.0.8-43:*:*:*:*:*:*:*"]}, {"lastseen": "2021-02-02T07:12:54", "description": "ImageMagick 7.0.8-35 has a memory leak in magick/xwindow.c, related to XCreateImage.", "edition": 8, "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 6.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 3.6}, "published": "2019-09-23T12:15:00", "title": "CVE-2019-16708", "type": "cve", "cwe": ["CWE-772"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-16708"], "modified": "2020-07-01T12:15:00", "cpe": ["cpe:/a:imagemagick:imagemagick:7.0.8-35"], "id": "CVE-2019-16708", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-16708", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:imagemagick:imagemagick:7.0.8-35:*:*:*:*:*:*:*"]}, {"lastseen": "2021-02-02T07:12:50", "description": "A NULL pointer dereference in the function ReadPANGOImage in coders/pango.c and the function ReadVIDImage in coders/vid.c in ImageMagick 7.0.8-34 allows remote attackers to cause a denial of service via a crafted image.", "edition": 9, "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 5.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 3.6}, "published": "2019-06-26T18:15:00", "title": "CVE-2019-12974", "type": "cve", "cwe": ["CWE-476"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-12974"], "modified": "2020-08-19T02:15:00", "cpe": ["cpe:/a:imagemagick:imagemagick:7.0.8-34"], "id": "CVE-2019-12974", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-12974", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:imagemagick:imagemagick:7.0.8-34:*:*:*:*:*:*:*"]}, {"lastseen": "2021-02-02T07:12:50", "description": "ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow in MagickCore/fourier.c in ComplexImage.", "edition": 11, "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.9}, "published": "2019-07-05T01:15:00", "title": "CVE-2019-13308", "type": "cve", "cwe": ["CWE-787"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-13308"], "modified": "2020-09-08T00:15:00", "cpe": ["cpe:/a:imagemagick:imagemagick:7.0.8-50"], "id": "CVE-2019-13308", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-13308", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:imagemagick:imagemagick:7.0.8-50:q16:*:*:*:*:*:*"]}, {"lastseen": "2021-02-02T07:12:50", "description": "ImageMagick 7.0.8-54 Q16 allows Division by Zero in RemoveDuplicateLayers in MagickCore/layer.c.", "edition": 9, "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 6.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 3.6}, "published": "2019-07-09T17:15:00", "title": "CVE-2019-13454", "type": "cve", "cwe": ["CWE-369"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-13454"], "modified": "2020-08-19T18:58:00", "cpe": ["cpe:/o:opensuse:leap:15.0", "cpe:/o:canonical:ubuntu_linux:18.04", "cpe:/o:debian:debian_linux:10.0", "cpe:/a:imagemagick:imagemagick:7.0.8-54", "cpe:/o:opensuse:leap:15.1", "cpe:/o:canonical:ubuntu_linux:16.04", "cpe:/o:canonical:ubuntu_linux:19.04", "cpe:/o:canonical:ubuntu_linux:19.10", "cpe:/o:debian:debian_linux:9.0"], "id": "CVE-2019-13454", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-13454", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "cpe:2.3:a:imagemagick:imagemagick:7.0.8-54:q16:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*"]}, {"lastseen": "2021-02-02T07:12:58", "description": "In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer over-read in the function WritePNGImage of coders/png.c, related to Magick_png_write_raw_profile and LocaleNCompare.", "edition": 13, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 9.1, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.2}, "published": "2019-12-24T01:15:00", "title": "CVE-2019-19949", "type": "cve", "cwe": ["CWE-125"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-19949"], "modified": "2020-09-30T20:15:00", "cpe": ["cpe:/o:debian:debian_linux:10.0", "cpe:/o:debian:debian_linux:8.0", "cpe:/o:opensuse:leap:15.1", "cpe:/o:debian:debian_linux:9.0"], "id": "CVE-2019-19949", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-19949", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:P"}, "cpe23": ["cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*"]}, {"lastseen": "2021-02-02T07:12:54", "description": "ImageMagick 7.0.8-35 has a memory leak in coders/dot.c, as demonstrated by AcquireMagickMemory in MagickCore/memory.c.", "edition": 8, "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 6.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 3.6}, "published": "2019-09-23T12:15:00", "title": "CVE-2019-16710", "type": "cve", "cwe": ["CWE-772"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-16710"], "modified": "2020-07-01T12:15:00", "cpe": ["cpe:/a:imagemagick:imagemagick:7.0.8-35"], "id": "CVE-2019-16710", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-16710", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:imagemagick:imagemagick:7.0.8-35:*:*:*:*:*:*:*"]}, {"lastseen": "2021-02-02T07:12:54", "description": "ImageMagick 7.0.8-40 has a memory leak in Huffman2DEncodeImage in coders/ps2.c.", "edition": 8, "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 6.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 3.6}, "published": "2019-09-23T12:15:00", "title": "CVE-2019-16711", "type": "cve", "cwe": ["CWE-772"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-16711"], "modified": "2020-07-01T12:15:00", "cpe": ["cpe:/a:imagemagick:imagemagick:7.0.8-40"], "id": "CVE-2019-16711", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-16711", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:imagemagick:imagemagick:7.0.8-40:*:*:*:*:*:*:*"]}, {"lastseen": "2021-02-02T07:12:47", "description": "In ImageMagick 7.0.8-36 Q16, there is a memory leak in the function SVGKeyValuePairs of coders/svg.c, which allows an attacker to cause a denial of service via a crafted image file.", "edition": 7, "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 6.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 3.6}, "published": "2019-03-30T14:29:00", "title": "CVE-2019-10649", "type": "cve", "cwe": ["CWE-401"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-10649"], "modified": "2020-08-24T17:37:00", "cpe": ["cpe:/a:imagemagick:imagemagick:7.0.8-36"], "id": "CVE-2019-10649", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-10649", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:imagemagick:imagemagick:7.0.8-36:q16:*:*:*:*:*:*"]}], "amazon": [{"lastseen": "2020-11-10T12:36:13", "bulletinFamily": "unix", "cvelist": ["CVE-2019-13300", "CVE-2019-13135", "CVE-2018-14437", "CVE-2019-19949", "CVE-2019-13297", "CVE-2019-10650", "CVE-2019-13134", "CVE-2018-16749", "CVE-2019-16713", "CVE-2019-7175", "CVE-2019-13311", "CVE-2019-17540", "CVE-2018-12600", "CVE-2017-1000476", "CVE-2019-14980", "CVE-2017-18252", "CVE-2018-9133", "CVE-2018-14434", "CVE-2019-13309", "CVE-2019-13301", "CVE-2018-13153", "CVE-2019-12976", "CVE-2019-13306", "CVE-2017-18251", "CVE-2019-16710", "CVE-2018-15607", "CVE-2019-13307", "CVE-2018-10177", "CVE-2019-10131", "CVE-2019-13304", "CVE-2018-12599", "CVE-2019-12978", "CVE-2019-11598", "CVE-2018-10804", "CVE-2017-12805", "CVE-2019-16711", "CVE-2018-18544", "CVE-2019-13310", "CVE-2019-7398", "CVE-2017-18271", "CVE-2017-11166", "CVE-2018-10805", "CVE-2019-13454", "CVE-2018-20467", "CVE-2019-12974", "CVE-2019-9956", "CVE-2019-13295", "CVE-2018-11656", "CVE-2019-16712", "CVE-2018-16328", "CVE-2017-18273", "CVE-2018-8804", "CVE-2019-11597", "CVE-2019-12979", "CVE-2019-16708", "CVE-2017-12806", "CVE-2018-14436", "CVE-2019-13305", "CVE-2019-14981", "CVE-2017-18254", "CVE-2019-17541", "CVE-2019-12975", "CVE-2019-11472", "CVE-2019-11470", "CVE-2019-19948", "CVE-2018-14435", "CVE-2019-15141", "CVE-2018-16750", "CVE-2019-16709", "CVE-2019-15140", "CVE-2019-13133", "CVE-2019-15139", "CVE-2019-7397"], "description": "**Issue Overview:**\n\nAn issue was discovered in ImageMagick 7.0.7. A memory leak vulnerability was found in the function WriteGIFImage in coders/gif.c, which allow remote attackers to cause a denial of service via a crafted file. ([CVE-2017-18254 __](<https://access.redhat.com/security/cve/CVE-2017-18254>))\n\nAn issue was discovered in ImageMagick 7.0.7. The MogrifyImageList function in MagickWand/mogrify.c allows attackers to cause a denial of service (assertion failure and application exit in ReplaceImageInList) via a crafted file. ([CVE-2017-18252 __](<https://access.redhat.com/security/cve/CVE-2017-18252>))\n\nAn issue was discovered in ImageMagick 7.0.7. A memory leak vulnerability was found in the function ReadPCDImage in coders/pcd.c, which allow remote attackers to cause a denial of service via a crafted file. ([CVE-2017-18251 __](<https://access.redhat.com/security/cve/CVE-2017-18251>))\n\nIn ImageMagick 7.0.7-29 and earlier, a missing NULL check in ReadOneJNGImage in coders/png.c allows an attacker to cause a denial of service (WriteBlob assertion failure and application exit) via a crafted file. ([CVE-2018-16749 __](<https://access.redhat.com/security/cve/CVE-2018-16749>))\n\nImageMagick 7.0.8-34 has a \"use of uninitialized value\" vulnerability in the ReadPANGOImage function in coders/pango.c. ([CVE-2019-12978 __](<https://access.redhat.com/security/cve/CVE-2019-12978>))\n\nThe ReadXWDImage function in coders\\xwd.c in ImageMagick 7.0.5-6 has a memory leak vulnerability that can cause memory exhaustion via a crafted length (number of color-map entries) field in the header of an XWD file. ([CVE-2017-11166 __](<https://access.redhat.com/security/cve/CVE-2017-11166>))\n\nIn ImageMagick 7.0.8-4, there is a memory leak in the XMagickCommand function in MagickCore/animate.c. ([CVE-2018-13153 __](<https://access.redhat.com/security/cve/CVE-2018-13153>))\n\nImageMagick 7.0.8-4 has a memory leak in DecodeImage in coders/pcd.c. ([CVE-2018-14435 __](<https://access.redhat.com/security/cve/CVE-2018-14435>))\n\nImageMagick 7.0.8-4 has a memory leak for a colormap in WriteMPCImage in coders/mpc.c. ([CVE-2018-14434 __](<https://access.redhat.com/security/cve/CVE-2018-14434>))\n\nImageMagick 7.0.8-4 has a memory leak in parse8BIM in coders/meta.c. ([CVE-2018-14437 __](<https://access.redhat.com/security/cve/CVE-2018-14437>))\n\nImageMagick 7.0.8-4 has a memory leak in ReadMIFFImage in coders/miff.c. ([CVE-2018-14436 __](<https://access.redhat.com/security/cve/CVE-2018-14436>))\n\nImageMagick 7.0.8-34 has a memory leak in the ReadPCLImage function in coders/pcl.c. ([CVE-2019-12976 __](<https://access.redhat.com/security/cve/CVE-2019-12976>))\n\nImageMagick 7.0.8-50 Q16 has memory leaks at AcquireMagickMemory because of a wand/mogrify.c error. ([CVE-2019-13311 __](<https://access.redhat.com/security/cve/CVE-2019-13311>))\n\nImageMagick before 7.0.8-55 has a use-after-free in DestroyStringInfo in MagickCore/string.c because the error manager is mishandled in coders/jpeg.c. ([CVE-2019-17541 __](<https://access.redhat.com/security/cve/CVE-2019-17541>))\n\nImageMagick before 7.0.8-54 has a heap-based buffer overflow in ReadPSInfo in coders/ps.c. ([CVE-2019-17540 __](<https://access.redhat.com/security/cve/CVE-2019-17540>))\n\nIn ImageMagick 7.x before 7.0.8-42 and 6.x before 6.9.10-42, there is a use after free vulnerability in the UnmapBlob function that allows an attacker to cause a denial of service by sending a crafted file. ([CVE-2019-14980 __](<https://access.redhat.com/security/cve/CVE-2019-14980>))\n\nIn ImageMagick 7.x before 7.0.8-41 and 6.x before 6.9.10-41, there is a divide-by-zero vulnerability in the MeanShiftImage function. It allows an attacker to cause a denial of service by sending a crafted file. ([CVE-2019-14981 __](<https://access.redhat.com/security/cve/CVE-2019-14981>))\n\nIn ImageMagick 7.0.8-35 Q16, there is a stack-based buffer overflow in the function PopHexPixel of coders/ps.c, which allows an attacker to cause a denial of service or code execution via a crafted image file. ([CVE-2019-9956 __](<https://access.redhat.com/security/cve/CVE-2019-9956>))\n\nIn ImageMagick before 7.0.8-25 and GraphicsMagick through 1.3.31, several memory leaks exist in WritePDFImage in coders/pdf.c. ([CVE-2019-7397 __](<https://access.redhat.com/security/cve/CVE-2019-7397>))\n\ncoders/mat.c in ImageMagick 7.0.8-43 Q16 allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly have unspecified other impact by crafting a Matlab image file that is mishandled in ReadImage in MagickCore/constitute.c. ([CVE-2019-11597 __](<https://access.redhat.com/security/cve/CVE-2019-11597>))\n\nIn ImageMagick 7.0.6-6, a memory exhaustion vulnerability was found in the function ReadTIFFImage, which allows attackers to cause a denial of service. ([CVE-2019-15140 __](<https://access.redhat.com/security/cve/CVE-2019-15140>))\n\nIn ImageMagick 7.0.6-6, a memory exhaustion vulnerability was found in the function format8BIM, which allows attackers to cause a denial of service. ([CVE-2017-12806 __](<https://access.redhat.com/security/cve/CVE-2017-12806>))\n\nIn ImageMagick 7.0.8-36 Q16, there is a heap-based buffer over-read in the function WriteTIFFImage of coders/tiff.c, which allows an attacker to cause a denial of service or information disclosure via a crafted image file. ([CVE-2019-10650 __](<https://access.redhat.com/security/cve/CVE-2019-10650>))\n\nImageMagick 7.0.8-35 has a memory leak in magick/xwindow.c, related to XCreateImage. ([CVE-2019-16708 __](<https://access.redhat.com/security/cve/CVE-2019-16708>))\n\nImageMagick 7.0.8-35 has a memory leak in coders/dps.c, as demonstrated by XCreateImage. ([CVE-2019-16709 __](<https://access.redhat.com/security/cve/CVE-2019-16709>))\n\nImageMagick before 7.0.8-50 has a memory leak vulnerability in the function ReadBMPImage in coders/bmp.c. ([CVE-2019-13133 __](<https://access.redhat.com/security/cve/CVE-2019-13133>))\n\nImageMagick before 7.0.8-50 has a memory leak vulnerability in the function ReadVIFFImage in coders/viff.c. ([CVE-2019-13134 __](<https://access.redhat.com/security/cve/CVE-2019-13134>))\n\nImageMagick before 7.0.8-50 has a \"use of uninitialized value\" vulnerability in the function ReadCUTImage in coders/cut.c. ([CVE-2019-13135 __](<https://access.redhat.com/security/cve/CVE-2019-13135>))\n\nIn ImageMagick before 7.0.8-25, some memory leaks exist in DecodeImage in coders/pcd.c. ([CVE-2019-7175 __](<https://access.redhat.com/security/cve/CVE-2019-7175>))\n\nIn ImageMagick 7.0.8-40 Q16, there is a heap-based buffer over-read in the function WritePNMImage of coders/pnm.c, which allows an attacker to cause a denial of service or possibly information disclosure via a crafted image file. This is related to SetGrayscaleImage in MagickCore/quantize.c. ([CVE-2019-11598 __](<https://access.redhat.com/security/cve/CVE-2019-11598>))\n\nImageMagick 7.0.8-50 Q16 has memory leaks at AcquireMagickMemory because of an error in MagickWand/mogrify.c. ([CVE-2019-13310 __](<https://access.redhat.com/security/cve/CVE-2019-13310>))\n\nIn ImageMagick 7.0.7-16 Q16 x86_64 2017-12-22, an infinite loop vulnerability was found in the function ReadMIFFImage in coders/miff.c, which allows attackers to cause a denial of service (CPU exhaustion) via a crafted MIFF image file. ([CVE-2017-18271 __](<https://access.redhat.com/security/cve/CVE-2017-18271>))\n\nIn ImageMagick 7.0.7-16 Q16 x86_64 2017-12-22, an infinite loop vulnerability was found in the function ReadTXTImage in coders/txt.c, which allows attackers to cause a denial of service (CPU exhaustion) via a crafted image file that is mishandled in a GetImageIndexInList call. ([CVE-2017-18273 __](<https://access.redhat.com/security/cve/CVE-2017-18273>))\n\nThere is a memory leak in the function WriteMSLImage of coders/msl.c in ImageMagick 7.0.8-13 Q16, and the function ProcessMSLScript of coders/msl.c in GraphicsMagick before 1.3.31. ([CVE-2018-18544 __](<https://access.redhat.com/security/cve/CVE-2018-18544>))\n\nIn ImageMagick 7.0.8-11 Q16, a tiny input file 0x50 0x36 0x36 0x36 0x36 0x4c 0x36 0x38 0x36 0x36 0x36 0x36 0x36 0x36 0x1f 0x35 0x50 0x00 can result in a hang of several minutes during which CPU and memory resources are consumed until ultimately an attempted large memory allocation fails. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted file. ([CVE-2018-15607 __](<https://access.redhat.com/security/cve/CVE-2018-15607>))\n\nImageMagick 7.0.8-43 has a memory leak in coders/dot.c, as demonstrated by PingImage in MagickCore/constitute.c. ([CVE-2019-16713 __](<https://access.redhat.com/security/cve/CVE-2019-16713>))\n\nImageMagick 7.0.8-43 has a memory leak in Huffman2DEncodeImage in coders/ps3.c, as demonstrated by WritePS3Image. ([CVE-2019-16712 __](<https://access.redhat.com/security/cve/CVE-2019-16712>))\n\nImageMagick 7.0.8-40 has a memory leak in Huffman2DEncodeImage in coders/ps2.c. ([CVE-2019-16711 __](<https://access.redhat.com/security/cve/CVE-2019-16711>))\n\nImageMagick 7.0.8-35 has a memory leak in coders/dot.c, as demonstrated by AcquireMagickMemory in MagickCore/memory.c. ([CVE-2019-16710 __](<https://access.redhat.com/security/cve/CVE-2019-16710>))\n\nReadXWDImage in coders/xwd.c in the XWD image parsing component of ImageMagick 7.0.8-41 Q16 allows attackers to cause a denial-of-service (divide-by-zero error) by crafting an XWD image file in which the header indicates neither LSB first nor MSB first. ([CVE-2019-11472 __](<https://access.redhat.com/security/cve/CVE-2019-11472>))\n\nImageMagick 7.0.8-34 has a memory leak vulnerability in the WriteDPXImage function in coders/dpx.c. ([CVE-2019-12975 __](<https://access.redhat.com/security/cve/CVE-2019-12975>))\n\nThe cineon parsing component in ImageMagick 7.0.8-26 Q16 allows attackers to cause a denial-of-service (uncontrolled resource consumption) by crafting a Cineon image with an incorrect claimed image size. This occurs because ReadCINImage in coders/cin.c lacks a check for insufficient image data in a file. ([CVE-2019-11470 __](<https://access.redhat.com/security/cve/CVE-2019-11470>))\n\nAn off-by-one read vulnerability was discovered in ImageMagick before version 7.0.7-28 in the formatIPTCfromBuffer function in coders/meta.c. A local attacker may use this flaw to read beyond the end of the buffer or to crash the program. ([CVE-2019-10131 __](<https://access.redhat.com/security/cve/CVE-2019-10131>))\n\nWriteEPTImage in coders/ept.c in ImageMagick 7.0.7-25 Q16 allows remote attackers to cause a denial of service (MagickCore/memory.c double free and application crash) or possibly have unspecified other impact via a crafted file. ([CVE-2018-8804 __](<https://access.redhat.com/security/cve/CVE-2018-8804>))\n\nImageMagick 7.0.7-12 Q16, a CPU exhaustion vulnerability was found in the function ReadDDSInfo in coders/dds.c, which allows attackers to cause a denial of service. ([CVE-2017-1000476 __](<https://access.redhat.com/security/cve/CVE-2017-1000476>))\n\nIn ImageMagick before 7.0.8-8, a NULL pointer dereference exists in the CheckEventLogging function in MagickCore/log.c. ([CVE-2018-16328 __](<https://access.redhat.com/security/cve/CVE-2018-16328>))\n\nImageMagick 7.0.8-34 has a \"use of uninitialized value\" vulnerability in the SyncImageSettings function in MagickCore/image.c. This is related to AcquireImage in magick/image.c. ([CVE-2019-12979 __](<https://access.redhat.com/security/cve/CVE-2019-12979>))\n\nImageMagick 7.0.8-54 Q16 allows Division by Zero in RemoveDuplicateLayers in MagickCore/layer.c. ([CVE-2019-13454 __](<https://access.redhat.com/security/cve/CVE-2019-13454>))\n\nIn ImageMagick 7.0.8-43 Q16, there is a heap-based buffer over-read in the function WritePNGImage of coders/png.c, related to Magick_png_write_raw_profile and LocaleNCompare. ([CVE-2019-19949 __](<https://access.redhat.com/security/cve/CVE-2019-19949>))\n\nIn ImageMagick 7.0.8-43 Q16, there is a heap-based buffer overflow in the function WriteSGIImage of coders/sgi.c. ([CVE-2019-19948 __](<https://access.redhat.com/security/cve/CVE-2019-19948>))\n\nIn ImageMagick 7.0.7-20 Q16 x86_64, a memory leak vulnerability was found in the function ReadDCMImage in coders/dcm.c, which allows attackers to cause a denial of service via a crafted DCM image file. ([CVE-2018-11656 __](<https://access.redhat.com/security/cve/CVE-2018-11656>))\n\nIn coders/bmp.c in ImageMagick before 7.0.8-16, an input file can result in an infinite loop and hang, with high CPU and memory consumption. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted file. ([CVE-2018-20467 __](<https://access.redhat.com/security/cve/CVE-2018-20467>))\n\nImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow at MagickCore/statistic.c in EvaluateImages because of mishandling rows. ([CVE-2019-13307 __](<https://access.redhat.com/security/cve/CVE-2019-13307>))\n\nImageMagick 7.0.8-50 Q16 has a stack-based buffer overflow at coders/pnm.c in WritePNMImage because of off-by-one errors. ([CVE-2019-13306 __](<https://access.redhat.com/security/cve/CVE-2019-13306>))\n\nImageMagick 7.0.8-50 Q16 has a stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced strncpy and an off-by-one error. ([CVE-2019-13305 __](<https://access.redhat.com/security/cve/CVE-2019-13305>))\n\nImageMagick 7.0.8-50 Q16 has a stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced assignment. ([CVE-2019-13304 __](<https://access.redhat.com/security/cve/CVE-2019-13304>))\n\nImageMagick 7.0.8-50 Q16 has memory leaks in AcquireMagickMemory because of an AnnotateImage error. ([CVE-2019-13301 __](<https://access.redhat.com/security/cve/CVE-2019-13301>))\n\nImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow at MagickCore/statistic.c in EvaluateImages because of mishandling columns. ([CVE-2019-13300 __](<https://access.redhat.com/security/cve/CVE-2019-13300>))\n\nImageMagick 7.0.8-50 Q16 has memory leaks at AcquireMagickMemory because of mishandling the NoSuchImage error in CLIListOperatorImages in MagickWand/operation.c. ([CVE-2019-13309 __](<https://access.redhat.com/security/cve/CVE-2019-13309>))\n\nIn ImageMagick 7.0.8-43 Q16, there is a heap-based buffer over-read in the function WriteTIFFImage of coders/tiff.c, which allows an attacker to cause a denial of service or possibly information disclosure via a crafted image file. ([CVE-2019-11597 __](<https://access.redhat.com/security/cve/CVE-2019-11597>))\n\nIn ImageMagick 7.0.8-3 Q16, ReadBMPImage and WriteBMPImage in coders/bmp.c allow attackers to cause an out of bounds write via a crafted file. ([CVE-2018-12599 __](<https://access.redhat.com/security/cve/CVE-2018-12599>))\n\nA NULL pointer dereference in the function ReadPANGOImage in coders/pango.c and the function ReadVIDImage in coders/vid.c in ImageMagick 7.0.8-34 allows remote attackers to cause a denial of service via a crafted image. ([CVE-2019-12974 __](<https://access.redhat.com/security/cve/CVE-2019-12974>))\n\nIn ImageMagick 7.0.7-29 and earlier, a memory leak in the formatIPTCfromBuffer function in coders/meta.c was found. ([CVE-2018-16750 __](<https://access.redhat.com/security/cve/CVE-2018-16750>))\n\nImageMagick version 7.0.7-28 contains a memory leak in WriteTIFFImage in coders/tiff.c. ([CVE-2018-10804 __](<https://access.redhat.com/security/cve/CVE-2018-10804>))\n\nImageMagick version 7.0.7-28 contains a memory leak in ReadYCBCRImage in coders/ycbcr.c. ([CVE-2018-10805 __](<https://access.redhat.com/security/cve/CVE-2018-10805>))\n\nImageMagick 7.0.7-26 Q16 has excessive iteration in the DecodeLabImage and EncodeLabImage functions (coders/tiff.c), which results in a hang (tens of minutes) with a tiny PoC file. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted tiff file. ([CVE-2018-9133 __](<https://access.redhat.com/security/cve/CVE-2018-9133>))\n\nIn ImageMagick before 7.0.8-25, a memory leak exists in WriteDIBImage in coders/dib.c. ([CVE-2019-7398 __](<https://access.redhat.com/security/cve/CVE-2019-7398>))\n\nImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a width of zero is mishandled. ([CVE-2019-13295 __](<https://access.redhat.com/security/cve/CVE-2019-13295>))\n\nImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a height of zero is mishandled. ([CVE-2019-13297 __](<https://access.redhat.com/security/cve/CVE-2019-13297>))\n\nIn ImageMagick 7.0.7-28, there is an infinite loop in the ReadOneMNGImage function of the coders/png.c file. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted mng file. ([CVE-2018-10177 __](<https://access.redhat.com/security/cve/CVE-2018-10177>))\n\nIn ImageMagick 7.0.8-3 Q16, ReadDIBImage and WriteDIBImage in coders/dib.c allow attackers to cause an out of bounds write via a crafted file. ([CVE-2018-12600 __](<https://access.redhat.com/security/cve/CVE-2018-12600>))\n\n \n**Affected Packages:** \n\n\nphp-pecl-imagick\n\n \n**Issue Correction:** \nRun _yum update php-pecl-imagick_ to update your system. \n\n\n \n\n\n**New Packages:**\n \n \n i686: \n php-pecl-imagick-debuginfo-3.4.4-1.8.amzn1.i686 \n php-pecl-imagick-3.4.4-1.8.amzn1.i686 \n \n src: \n php-pecl-imagick-3.4.4-1.8.amzn1.src \n \n x86_64: \n php-pecl-imagick-debuginfo-3.4.4-1.8.amzn1.x86_64 \n php-pecl-imagick-3.4.4-1.8.amzn1.x86_64 \n \n \n", "edition": 3, "modified": "2020-06-23T07:03:00", "published": "2020-06-23T07:03:00", "id": "ALAS-2020-1391", "href": "https://alas.aws.amazon.com/ALAS-2020-1391.html", "title": "Medium: php-pecl-imagick", "type": "amazon", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-11-10T12:37:17", "bulletinFamily": "unix", "cvelist": ["CVE-2019-13300", "CVE-2019-13135", "CVE-2018-14437", "CVE-2019-19949", "CVE-2019-13297", "CVE-2019-10650", "CVE-2019-13134", "CVE-2018-16749", "CVE-2019-16713", "CVE-2019-7175", "CVE-2019-13311", "CVE-2019-17540", "CVE-2018-12600", "CVE-2017-1000476", "CVE-2019-14980", "CVE-2017-18252", "CVE-2018-9133", "CVE-2018-14434", "CVE-2019-13309", "CVE-2019-13301", "CVE-2018-13153", "CVE-2019-12976", "CVE-2019-13306", "CVE-2017-18251", "CVE-2019-16710", "CVE-2018-15607", "CVE-2019-13307", "CVE-2018-10177", "CVE-2019-10131", "CVE-2019-13304", "CVE-2018-12599", "CVE-2019-12978", "CVE-2019-11598", "CVE-2018-10804", "CVE-2017-12805", "CVE-2019-16711", "CVE-2018-18544", "CVE-2019-13310", "CVE-2019-7398", "CVE-2017-18271", "CVE-2017-11166", "CVE-2018-10805", "CVE-2019-13454", "CVE-2018-20467", "CVE-2019-12974", "CVE-2019-9956", "CVE-2019-13295", "CVE-2018-11656", "CVE-2019-16712", "CVE-2018-16328", "CVE-2017-18273", "CVE-2018-8804", "CVE-2019-11597", "CVE-2019-12979", "CVE-2019-16708", "CVE-2017-12806", "CVE-2018-14436", "CVE-2019-13305", "CVE-2019-14981", "CVE-2017-18254", "CVE-2019-17541", "CVE-2019-12975", "CVE-2019-11472", "CVE-2019-11470", "CVE-2019-19948", "CVE-2018-14435", "CVE-2019-15141", "CVE-2018-16750", "CVE-2019-16709", "CVE-2019-15140", "CVE-2019-13133", "CVE-2019-15139", "CVE-2019-7397"], "description": "**Issue Overview:**\n\nImageMagick 7.0.7-12 Q16, a CPU exhaustion vulnerability was found in the function ReadDDSInfo in coders/dds.c, which allows attackers to cause a denial of service. ([CVE-2017-1000476 __](<https://access.redhat.com/security/cve/CVE-2017-1000476>))\n\nThe ReadXWDImage function in coders\\xwd.c in ImageMagick 7.0.5-6 has a memory leak vulnerability that can cause memory exhaustion via a crafted length (number of color-map entries) field in the header of an XWD file. ([CVE-2017-11166 __](<https://access.redhat.com/security/cve/CVE-2017-11166>))\n\nIn ImageMagick 7.0.6-6, a memory exhaustion vulnerability was found in the function ReadTIFFImage, which allows attackers to cause a denial of service. ([CVE-2017-12805 __](<https://access.redhat.com/security/cve/CVE-2017-12805>))\n\nIn ImageMagick 7.0.6-6, a memory exhaustion vulnerability was found in the function format8BIM, which allows attackers to cause a denial of service. ([CVE-2017-12806 __](<https://access.redhat.com/security/cve/CVE-2017-12806>))\n\nA memory leak vulnerability has been discovered in ImageMagick in the ReadPCDImage function of coders/pcd.c file. An attacker could use this flaw to cause a denial of service via a crafted file. ([CVE-2017-18251 __](<https://access.redhat.com/security/cve/CVE-2017-18251>))\n\nAn issue was discovered in ImageMagick 7.0.7. The MogrifyImageList function in MagickWand/mogrify.c allows attackers to cause a denial of service (assertion failure and application exit in ReplaceImageInList) via a crafted file. ([CVE-2017-18252 __](<https://access.redhat.com/security/cve/CVE-2017-18252>))\n\nA memory leak vulnerability has been discovered in ImageMagick in the WriteGIFImage function of coders/gif.c file. An attacker could use this flaw to cause a denial of service via a crafted file. ([CVE-2017-18254 __](<https://access.redhat.com/security/cve/CVE-2017-18254>))\n\nIn ImageMagick 7.0.7-16 Q16 x86_64 2017-12-22, an infinite loop vulnerability was found in the function ReadMIFFImage in coders/miff.c, which allows attackers to cause a denial of service (CPU exhaustion) via a crafted MIFF image file. ([CVE-2017-18271 __](<https://access.redhat.com/security/cve/CVE-2017-18271>))\n\nIn ImageMagick 7.0.7-16 Q16 x86_64 2017-12-22, an infinite loop vulnerability was found in the function ReadTXTImage in coders/txt.c, which allows attackers to cause a denial of service (CPU exhaustion) via a crafted image file that is mishandled in a GetImageIndexInList call. ([CVE-2017-18273 __](<https://access.redhat.com/security/cve/CVE-2017-18273>))\n\nAn infinite loop has been found in the way ImageMagick reads Multiple-image Network Graphics (MNG) data. An attacker could exploit this to cause a denial of service via crafted MNG file. ([CVE-2018-10177 __](<https://access.redhat.com/security/cve/CVE-2018-10177>))\n\nImageMagick version 7.0.7-28 contains a memory leak in WriteTIFFImage in coders/tiff.c. ([CVE-2018-10804 __](<https://access.redhat.com/security/cve/CVE-2018-10804>))\n\nImageMagick version 7.0.7-28 contains a memory leak in ReadYCBCRImage in coders/ycbcr.c. ([CVE-2018-10805 __](<https://access.redhat.com/security/cve/CVE-2018-10805>))\n\nIn ImageMagick 7.0.7-20 Q16 x86_64, a memory leak vulnerability was found in the function ReadDCMImage in coders/dcm.c, which allows attackers to cause a denial of service via a crafted DCM image file. ([CVE-2018-11656 __](<https://access.redhat.com/security/cve/CVE-2018-11656>))\n\nIn ImageMagick 7.0.8-3 Q16, ReadBMPImage and WriteBMPImage in coders/bmp.c allow attackers to cause an out of bounds write via a crafted file. ([CVE-2018-12599 __](<https://access.redhat.com/security/cve/CVE-2018-12599>))\n\nIn ImageMagick 7.0.8-3 Q16, ReadDIBImage and WriteDIBImage in coders/dib.c allow attackers to cause an out of bounds write via a crafted file. ([CVE-2018-12600 __](<https://access.redhat.com/security/cve/CVE-2018-12600>))\n\nA memory leak was discovered in ImageMagick in the XMagickCommand function in animate.c file. An array of strings, named filelist, is allocated on the heap but not released in case the function ExpandFilenames returns an error code. ([CVE-2018-13153 __](<https://access.redhat.com/security/cve/CVE-2018-13153>))\n\nImageMagick 7.0.8-4 has a memory leak for a colormap in WriteMPCImage in coders/mpc.c. ([CVE-2018-14434 __](<https://access.redhat.com/security/cve/CVE-2018-14434>))\n\nImageMagick 7.0.8-4 has a memory leak in DecodeImage in coders/pcd.c. ([CVE-2018-14435 __](<https://access.redhat.com/security/cve/CVE-2018-14435>))\n\nImageMagick 7.0.8-4 has a memory leak in ReadMIFFImage in coders/miff.c. ([CVE-2018-14436 __](<https://access.redhat.com/security/cve/CVE-2018-14436>))\n\nImageMagick 7.0.8-4 has a memory leak in parse8BIM in coders/meta.c. ([CVE-2018-14437 __](<https://access.redhat.com/security/cve/CVE-2018-14437>))\n\nIn ImageMagick 7.0.8-11 Q16, a tiny input file 0x50 0x36 0x36 0x36 0x36 0x4c 0x36 0x38 0x36 0x36 0x36 0x36 0x36 0x36 0x1f 0x35 0x50 0x00 can result in a hang of several minutes during which CPU and memory resources are consumed until ultimately an attempted large memory allocation fails. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted file. ([CVE-2018-15607 __](<https://access.redhat.com/security/cve/CVE-2018-15607>))\n\nIn ImageMagick before 7.0.8-8, a NULL pointer dereference exists in the CheckEventLogging function in MagickCore/log.c. ([CVE-2018-16328 __](<https://access.redhat.com/security/cve/CVE-2018-16328>))\n\nIn ImageMagick 7.0.7-29 and earlier, a missing NULL check in ReadOneJNGImage in coders/png.c allows an attacker to cause a denial of service (WriteBlob assertion failure and application exit) via a crafted file. ([CVE-2018-16749 __](<https://access.redhat.com/security/cve/CVE-2018-16749>))\n\nIn ImageMagick 7.0.7-29 and earlier, a memory leak in the formatIPTCfromBuffer function in coders/meta.c was found. ([CVE-2018-16750 __](<https://access.redhat.com/security/cve/CVE-2018-16750>))\n\nThere is a memory leak in the function WriteMSLImage of coders/msl.c in ImageMagick 7.0.8-13 Q16, and the function ProcessMSLScript of coders/msl.c in GraphicsMagick before 1.3.31. ([CVE-2018-18544 __](<https://access.redhat.com/security/cve/CVE-2018-18544>))\n\nIn coders/bmp.c in ImageMagick before 7.0.8-16, an input file can result in an infinite loop and hang, with high CPU and memory consumption. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted file. ([CVE-2018-20467 __](<https://access.redhat.com/security/cve/CVE-2018-20467>))\n\nWriteEPTImage in coders/ept.c in ImageMagick 7.0.7-25 Q16 allows remote attackers to cause a denial of service (MagickCore/memory.c double free and application crash) or possibly have unspecified other impact via a crafted file. ([CVE-2018-8804 __](<https://access.redhat.com/security/cve/CVE-2018-8804>))\n\nImageMagick 7.0.7-26 Q16 has excessive iteration in the DecodeLabImage and EncodeLabImage functions (coders/tiff.c), which results in a hang (tens of minutes) with a tiny PoC file. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted tiff file. ([CVE-2018-9133 __](<https://access.redhat.com/security/cve/CVE-2018-9133>))\n\nAn off-by-one read vulnerability was discovered in ImageMagick in the formatIPTCfromBuffer function in coders/meta.c. A local attacker may use this flaw to read beyond the end of the buffer or to crash the program. ([CVE-2019-10131 __](<https://access.redhat.com/security/cve/CVE-2019-10131>))\n\nIn ImageMagick 7.0.8-36 Q16, there is a heap-based buffer over-read in the function WriteTIFFImage of coders/tiff.c, which allows an attacker to cause a denial of service or information disclosure via a crafted image file. ([CVE-2019-10650 __](<https://access.redhat.com/security/cve/CVE-2019-10650>))\n\nThe cineon parsing component in ImageMagick 7.0.8-26 Q16 allows attackers to cause a denial-of-service (uncontrolled resource consumption) by crafting a Cineon image with an incorrect claimed image size. This occurs because ReadCINImage in coders/cin.c lacks a check for insufficient image data in a file. ([CVE-2019-11470 __](<https://access.redhat.com/security/cve/CVE-2019-11470>))\n\nReadXWDImage in coders/xwd.c in the XWD image parsing component of ImageMagick 7.0.8-41 Q16 allows attackers to cause a denial-of-service (divide-by-zero error) by crafting an XWD image file in which the header indicates neither LSB first nor MSB first. ([CVE-2019-11472 __](<https://access.redhat.com/security/cve/CVE-2019-11472>))\n\nIn ImageMagick 7.0.8-43 Q16, there is a heap-based buffer over-read in the function WriteTIFFImage of coders/tiff.c, which allows an attacker to cause a denial of service or possibly information disclosure via a crafted image file. ([CVE-2019-11597 __](<https://access.redhat.com/security/cve/CVE-2019-11597>))\n\nIn ImageMagick 7.0.8-40 Q16, there is a heap-based buffer over-read in the function WritePNMImage of coders/pnm.c, which allows an attacker to cause a denial of service or possibly information disclosure via a crafted image file. This is related to SetGrayscaleImage in MagickCore/quantize.c. ([CVE-2019-11598 __](<https://access.redhat.com/security/cve/CVE-2019-11598>))\n\nA NULL pointer dereference in the function ReadPANGOImage in coders/pango.c and the function ReadVIDImage in coders/vid.c in ImageMagick 7.0.8-34 allows remote attackers to cause a denial of service via a crafted image. ([CVE-2019-12974 __](<https://access.redhat.com/security/cve/CVE-2019-12974>))\n\nIt was discovered that ImageMagick does not properly release acquired memory when some error conditions occur in the WriteDPXImage() function. Applications compiled against ImageMagick libraries that accept untrustworthy images may be exploited to use all available memory and make them crash. An attacker could abuse this flaw by providing a specially crafted image and cause a Denial of Service by using all available memory. ([CVE-2019-12975 __](<https://access.redhat.com/security/cve/CVE-2019-12975>))\n\nIt was discovered that ImageMagick does not properly release acquired memory when some error conditions occur in the ReadPCLImage() function. Applications compiled against ImageMagick libraries that accept untrustworthy images may be exploited to use all available memory and make them crash. \nAn attacker could abuse this flaw by providing a specially crafted image and cause a Denial of Service by using all available memory. ([CVE-2019-12976 __](<https://access.redhat.com/security/cve/CVE-2019-12976>))\n\nImageMagick 7.0.8-34 has a \"use of uninitialized value\" vulnerability in the ReadPANGOImage function in coders/pango.c. ([CVE-2019-12978 __](<https://access.redhat.com/security/cve/CVE-2019-12978>))\n\nImageMagick 7.0.8-34 has a \"use of uninitialized value\" vulnerability in the SyncImageSettings function in MagickCore/image.c. This is related to AcquireImage in magick/image.c. ([CVE-2019-12979 __](<https://access.redhat.com/security/cve/CVE-2019-12979>))\n\nImageMagick before 7.0.8-50 has a memory leak vulnerability in the function ReadBMPImage in coders/bmp.c. ([CVE-2019-13133 __](<https://access.redhat.com/security/cve/CVE-2019-13133>))\n\nImageMagick before 7.0.8-50 has a memory leak vulnerability in the function ReadVIFFImage in coders/viff.c. ([CVE-2019-13134 __](<https://access.redhat.com/security/cve/CVE-2019-13134>))\n\nImageMagick before 7.0.8-50 has a \"use of uninitialized value\" vulnerability in the function ReadCUTImage in coders/cut.c. ([CVE-2019-13135 __](<https://access.redhat.com/security/cve/CVE-2019-13135>))\n\nA heap-based buffer over-read was discovered in ImageMagick in the way it selects an individual threshold for each pixel based on the range of intensity values in its local neighborhood due to a width of zero mishandle error. Applications compiled against ImageMagick libraries that accept untrustworthy images may be vulnerable to this flaw. An attacker could abuse this flaw by providing a specially crafted image to make the application crash or leak application data. ([CVE-2019-13295 __](<https://access.redhat.com/security/cve/CVE-2019-13295>))\n\nA heap-based buffer over-read was discovered in ImageMagick in the way it selects an individual threshold for each pixel based on the range of intensity values in its local neighborhood due to a height of zero mishandle error. Applications compiled against ImageMagick libraries that accept untrustworthy images may be vulnerable to this flaw. An attacker could abuse this flaw by providing a specially crafted image to make the application crash or leak application data. ([CVE-2019-13297 __](<https://access.redhat.com/security/cve/CVE-2019-13297>))\n\nA heap-based buffer overflow was discovered in ImageMagick in the way it applies a value with arithmetic, relational, or logical operators to an image due to mishandling columns. Applications compiled against ImageMagick libraries that accept untrustworthy images and use the evaluate-sequence option or function EvaluateImages may be vulnerable to this flaw. An attacker could abuse this flaw by providing a specially crafted image to make the application crash or potentially execute code. ([CVE-2019-13300 __](<https://access.redhat.com/security/cve/CVE-2019-13300>))\n\nImageMagick 7.0.8-50 Q16 has memory leaks in AcquireMagickMemory because of an AnnotateImage error. ([CVE-2019-13301 __](<https://access.redhat.com/security/cve/CVE-2019-13301>))\n\nA stack-based buffer overflow was discovered in ImageMagick in the way it writes PNM images due to a misplaced assignment. Applications compiled against ImageMagick libraries that accept untrustworthy images or write PNM images may be vulnerable to this flaw. An attacker could abuse this flaw by providing a specially crafted image to make the application crash or potentially execute code. ([CVE-2019-13304 __](<https://access.redhat.com/security/cve/CVE-2019-13304>))\n\nA stack-based buffer overflow was discovered in ImageMagick in the way it writes PNM images due to a misplaced strncpy and off-by-one errors. Applications compiled against ImageMagick libraries that accept untrustworthy images or write PNM images may be vulnerable to this flaw. An attacker could abuse this flaw by providing a specially crafted image to make the application crash or potentially execute code. ([CVE-2019-13305 __](<https://access.redhat.com/security/cve/CVE-2019-13305>))\n\nA stack-based buffer overflow was discovered in ImageMagick in the way it writes PNM images due to off-by-one errors. Applications compiled against ImageMagick libraries that accept untrustworthy images or write PNM images may be vulnerable to this flaw. An attacker could abuse this flaw by providing a specially crafted image to make the application crash or potentially execute code. ([CVE-2019-13306 __](<https://access.redhat.com/security/cve/CVE-2019-13306>))\n\nA heap-based buffer overflow was discovered in ImageMagick in the way it parses images when using the evaluate-sequence option. Applications compiled against ImageMagick libraries that accept untrustworthy images and use the evaluate-sequence option or function EvaluateImages may be vulnerable to this flaw. An attacker could abuse this flaw by providing a specially crafted image to make the application crash or potentially execute code. ([CVE-2019-13307 __](<https://access.redhat.com/security/cve/CVE-2019-13307>))\n\nA flaw was found in ImageMagick version 7.0.8-50 Q16, containing memory leaks of AcquireMagickMemory due to the mishandling of the NoSuchImage error in CLIListOperatorImages in MagickWand/operation.c. It was discovered that ImageMagick does not properly release acquired memory in function MogrifyImageList() when some error conditions are met, or the \"compare\" option is used. Applications compiled against ImageMagick libraries that accept untrustworthy images may be exploited to use all available memory and make them crash. An attacker could abuse this flaw by providing a specially crafted image and cause a Denial of Service by using all available memory. ([CVE-2019-13309 __](<https://access.redhat.com/security/cve/CVE-2019-13309>))\n\nA flaw was found in ImageMagick version 7.0.8-50 Q16, containing memory leaks of AcquireMagickMemory due to an error found in MagickWand/mogrify.c. It was discovered that ImageMagick does not properly release acquired memory when some error conditions occur in the function MogrifyImageList(). Applications compiled against ImageMagick libraries that accept untrustworthy images may be exploited to use all available memory and make them crash. An attacker could abuse this flaw by providing a specially crafted image and cause a Denial of Service by using all available memory. ([CVE-2019-13310 __](<https://access.redhat.com/security/cve/CVE-2019-13310>))\n\nA flaw was found in ImageMagick, containing memory leaks of AcquireMagickMemory due to a wand/mogrify.c error. It was discovered that ImageMagick does not properly release acquired memory when some error conditions occur in the function MogrifyImageList(). An attacker could abuse this flaw by providing a specially crafted image and cause a Denial of Service by using all available memory. Applications compiled against ImageMagick libraries that accept untrustworthy images may be exploited to use all available memory and make them crash. ([CVE-2019-13311 __](<https://access.redhat.com/security/cve/CVE-2019-13311>))\n\nImageMagick 7.0.8-54 Q16 allows Division by Zero in RemoveDuplicateLayers in MagickCore/layer.c. ([CVE-2019-13454 __](<https://access.redhat.com/security/cve/CVE-2019-13454>))\n\nIn ImageMagick 7.x before 7.0.8-42 and 6.x before 6.9.10-42, there is a use after free vulnerability in the UnmapBlob function that allows an attacker to cause a denial of service by sending a crafted file. ([CVE-2019-14980 __](<https://access.redhat.com/security/cve/CVE-2019-14980>))\n\nIn ImageMagick 7.x before 7.0.8-41 and 6.x before 6.9.10-41, there is a divide-by-zero vulnerability in the MeanShiftImage function. It allows an attacker to cause a denial of service by sending a crafted file. ([CVE-2019-14981 __](<https://access.redhat.com/security/cve/CVE-2019-14981>))\n\nThe XWD image (X Window System window dumping file) parsing component in ImageMagick 7.0.8-41 Q16 allows attackers to cause a denial-of-service (application crash resulting from an out-of-bounds Read) in ReadXWDImage in coders/xwd.c by crafting a corrupted XWD image file, a different vulnerability than [CVE-2019-11472 __](<https://access.redhat.com/security/cve/CVE-2019-11472>). ([CVE-2019-15139 __](<https://access.redhat.com/security/cve/CVE-2019-15139>))\n\ncoders/mat.c in ImageMagick 7.0.8-43 Q16 allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly have unspecified other impact by crafting a Matlab image file that is mishandled in ReadImage in MagickCore/constitute.c. ([CVE-2019-15140 __](<https://access.redhat.com/security/cve/CVE-2019-15140>))\n\nWriteTIFFImage in coders/tiff.c in ImageMagick 7.0.8-43 Q16 allows attackers to cause a denial-of-service (application crash resulting from a heap-based buffer over-read) via a crafted TIFF image file, related to TIFFRewriteDirectory, TIFFWriteDirectory, TIFFWriteDirectorySec, and TIFFWriteDirectoryTagColormap in tif_dirwrite.c of LibTIFF. NOTE: this occurs because of an incomplete fix for [CVE-2019-11597 __](<https://access.redhat.com/security/cve/CVE-2019-11597>). ([CVE-2019-15141 __](<https://access.redhat.com/security/cve/CVE-2019-15141>))\n\nImageMagick 7.0.8-35 has a memory leak in magick/xwindow.c, related to XCreateImage. ([CVE-2019-16708 __](<https://access.redhat.com/security/cve/CVE-2019-16708>))\n\nImageMagick 7.0.8-35 has a memory leak in coders/dps.c, as demonstrated by XCreateImage. ([CVE-2019-16709 __](<https://access.redhat.com/security/cve/CVE-2019-16709>))\n\nImageMagick 7.0.8-35 has a memory leak in coders/dot.c, as demonstrated by AcquireMagickMemory in MagickCore/memory.c. ([CVE-2019-16710 __](<https://access.redhat.com/security/cve/CVE-2019-16710>))\n\nImageMagick 7.0.8-40 has a memory leak in Huffman2DEncodeImage in coders/ps2.c. ([CVE-2019-16711 __](<https://access.redhat.com/security/cve/CVE-2019-16711>))\n\nImageMagick 7.0.8-43 has a memory leak in Huffman2DEncodeImage in coders/ps3.c, as demonstrated by WritePS3Image. ([CVE-2019-16712 __](<https://access.redhat.com/security/cve/CVE-2019-16712>))\n\nImageMagick 7.0.8-43 has a memory leak in coders/dot.c, as demonstrated by PingImage in MagickCore/constitute.c. ([CVE-2019-16713 __](<https://access.redhat.com/security/cve/CVE-2019-16713>))\n\nImageMagick before 7.0.8-54 has a heap-based buffer overflow in ReadPSInfo in coders/ps.c. ([CVE-2019-17540 __](<https://access.redhat.com/security/cve/CVE-2019-17540>))\n\nImageMagick before 7.0.8-55 has a use-after-free in DestroyStringInfo in MagickCore/string.c because the error manager is mishandled in coders/jpeg.c. ([CVE-2019-17541 __](<https://access.redhat.com/security/cve/CVE-2019-17541>))\n\nA heap-based buffer overflow flaw was discovered in ImageMagick when writing SGI images with improper columns and rows properties. An attacker may trick a victim user into downloading a malicious image file and running it through ImageMagick, possibly executing code onto the victim user's system. ([CVE-2019-19948 __](<https://access.redhat.com/security/cve/CVE-2019-19948>))\n\nAn out-of-bounds read was discovered in ImageMagick when writing PNG images. An attacker may abuse this flaw to trick a victim user into downloading a malicious image file and running it through ImageMagick, causing the application to crash. ([CVE-2019-19949 __](<https://access.redhat.com/security/cve/CVE-2019-19949>))\n\nIn ImageMagick before 7.0.8-25, some memory leaks exist in DecodeImage in coders/pcd.c. ([CVE-2019-7175 __](<https://access.redhat.com/security/cve/CVE-2019-7175>))\n\nIn ImageMagick before 7.0.8-25 and GraphicsMagick through 1.3.31, several memory leaks exist in WritePDFImage in coders/pdf.c. ([CVE-2019-7397 __](<https://access.redhat.com/security/cve/CVE-2019-7397>))\n\nIn ImageMagick before 7.0.8-25, a memory leak exists in WriteDIBImage in coders/dib.c. ([CVE-2019-7398 __](<https://access.redhat.com/security/cve/CVE-2019-7398>))\n\nIn ImageMagick 7.0.8-35 Q16, there is a stack-based buffer overflow in the function PopHexPixel of coders/ps.c, which allows an attacker to cause a denial of service or code execution via a crafted image file. ([CVE-2019-9956 __](<https://access.redhat.com/security/cve/CVE-2019-9956>))\n\n \n**Affected Packages:** \n\n\nImageMagick\n\n \n**Issue Correction:** \nRun _yum update ImageMagick_ to update your system. \n\n\n \n\n\n**New Packages:**\n \n \n aarch64: \n ImageMagick-6.9.10.68-3.amzn2.0.1.aarch64 \n ImageMagick-devel-6.9.10.68-3.amzn2.0.1.aarch64 \n ImageMagick-doc-6.9.10.68-3.amzn2.0.1.aarch64 \n ImageMagick-perl-6.9.10.68-3.amzn2.0.1.aarch64 \n ImageMagick-c++-6.9.10.68-3.amzn2.0.1.aarch64 \n ImageMagick-c++-devel-6.9.10.68-3.amzn2.0.1.aarch64 \n ImageMagick-debuginfo-6.9.10.68-3.amzn2.0.1.aarch64 \n \n i686: \n ImageMagick-6.9.10.68-3.amzn2.0.1.i686 \n ImageMagick-devel-6.9.10.68-3.amzn2.0.1.i686 \n ImageMagick-doc-6.9.10.68-3.amzn2.0.1.i686 \n ImageMagick-perl-6.9.10.68-3.amzn2.0.1.i686 \n ImageMagick-c++-6.9.10.68-3.amzn2.0.1.i686 \n ImageMagick-c++-devel-6.9.10.68-3.amzn2.0.1.i686 \n ImageMagick-debuginfo-6.9.10.68-3.amzn2.0.1.i686 \n \n src: \n ImageMagick-6.9.10.68-3.amzn2.0.1.src \n \n x86_64: \n ImageMagick-6.9.10.68-3.amzn2.0.1.x86_64 \n ImageMagick-devel-6.9.10.68-3.amzn2.0.1.x86_64 \n ImageMagick-doc-6.9.10.68-3.amzn2.0.1.x86_64 \n ImageMagick-perl-6.9.10.68-3.amzn2.0.1.x86_64 \n ImageMagick-c++-6.9.10.68-3.amzn2.0.1.x86_64 \n ImageMagick-c++-devel-6.9.10.68-3.amzn2.0.1.x86_64 \n ImageMagick-debuginfo-6.9.10.68-3.amzn2.0.1.x86_64 \n \n \n", "edition": 1, "modified": "2020-10-22T17:05:00", "published": "2020-10-22T17:05:00", "id": "ALAS2-2020-1497", "href": "https://alas.aws.amazon.com/AL2/ALAS-2020-1497.html", "title": "Medium: ImageMagick", "type": "amazon", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "oraclelinux": [{"lastseen": "2020-04-09T02:42:49", "bulletinFamily": "unix", "cvelist": ["CVE-2019-13300", "CVE-2019-13135", "CVE-2018-14437", "CVE-2019-19949", "CVE-2019-13297", "CVE-2019-10650", "CVE-2019-13134", "CVE-2018-16749", "CVE-2019-16713", "CVE-2019-7175", "CVE-2019-13311", "CVE-2019-17540", "CVE-2018-12600", "CVE-2017-1000476", "CVE-2019-14980", "CVE-2017-18252", "CVE-2018-9133", "CVE-2018-14434", "CVE-2019-13309", "CVE-2019-13301", "CVE-2018-13153", "CVE-2019-12976", "CVE-2019-13306", "CVE-2017-18251", "CVE-2019-16710", "CVE-2018-15607", "CVE-2019-13307", "CVE-2018-10177", "CVE-2019-10131", "CVE-2019-13304", "CVE-2018-12599", "CVE-2019-12978", "CVE-2019-11598", "CVE-2018-10804", "CVE-2017-12805", "CVE-2019-16711", "CVE-2018-18544", "CVE-2019-13310", "CVE-2019-7398", "CVE-2017-18271", "CVE-2017-11166", "CVE-2018-10805", "CVE-2019-13454", "CVE-2018-20467", "CVE-2019-12974", "CVE-2019-9956", "CVE-2019-13295", "CVE-2018-11656", "CVE-2019-16712", "CVE-2018-16328", "CVE-2017-18273", "CVE-2018-8804", "CVE-2019-11597", "CVE-2019-12979", "CVE-2019-16708", "CVE-2017-12806", "CVE-2018-14436", "CVE-2019-13305", "CVE-2019-14981", "CVE-2017-18254", "CVE-2019-17541", "CVE-2019-12975", "CVE-2019-11472", "CVE-2019-11470", "CVE-2019-19948", "CVE-2018-14435", "CVE-2019-15141", "CVE-2018-16750", "CVE-2019-16709", "CVE-2019-15140", "CVE-2019-13133", "CVE-2019-15139", "CVE-2019-7397"], "description": "autotrace\n[0.31.1-38]\n- Resolves: #1765205 rebuild against new IM\nemacs\n[1:24.3-23]\n- Resolves: #1765208 rebuild against new IM\nImageMagick\n[6.9.10.68-3]\n- Fixing freeze when svg file contains class=''\n[6.9.10.68-2]\n- Fixed ghostscript fonts, fixed multilib conflicts\n[6.9.10.68-1]\n- Rebase to 6.9.10.68\ninkscape\n[0.92.2-3]\n- Resolves: #1765211 rebuild against new IM", "edition": 1, "modified": "2020-04-06T00:00:00", "published": "2020-04-06T00:00:00", "id": "ELSA-2020-1180", "href": "http://linux.oracle.com/errata/ELSA-2020-1180.html", "title": "ImageMagick security, bug fix, and enhancement update", "type": "oraclelinux", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}]}
