Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
openvasCopyright (C) 2019 Greenbone AGOPENVAS:1361412562310113429
HistoryJul 15, 2019 - 12:00 a.m.

ImageMagick < 7.0.8-54 Division By Zero Error Vulnerability - Linux

2019-07-1500:00:00
Copyright (C) 2019 Greenbone AG
plugins.openvas.org
10

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

7.4 High

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

0.004 Low

EPSS

Percentile

73.1%

JSON

ImageMagick is prone to a division by zero error.

# SPDX-FileCopyrightText: 2019 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only

CPE = "cpe:/a:imagemagick:imagemagick";

if(description)
{
  script_oid("1.3.6.1.4.1.25623.1.0.113429");
  script_version("2024-02-29T05:05:39+0000");
  script_tag(name:"last_modification", value:"2024-02-29 05:05:39 +0000 (Thu, 29 Feb 2024)");
  script_tag(name:"creation_date", value:"2019-07-15 11:30:32 +0000 (Mon, 15 Jul 2019)");
  script_tag(name:"cvss_base", value:"4.3");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:N/I:N/A:P");
  script_tag(name:"severity_vector", value:"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H");
  script_tag(name:"severity_origin", value:"NVD");
  script_tag(name:"severity_date", value:"2020-08-19 18:58:00 +0000 (Wed, 19 Aug 2020)");

  script_tag(name:"qod_type", value:"executable_version_unreliable");

  script_tag(name:"solution_type", value:"VendorFix");

  script_cve_id("CVE-2019-13454");

  script_name("ImageMagick < 7.0.8-54 Division By Zero Error Vulnerability - Linux");

  script_category(ACT_GATHER_INFO);

  script_copyright("Copyright (C) 2019 Greenbone AG");
  script_family("Denial of Service");
  script_dependencies("secpod_imagemagick_detect_lin.nasl");
  script_mandatory_keys("ImageMagick/Lin/Ver");

  script_tag(name:"summary", value:"ImageMagick is prone to a division by zero error.");

  script_tag(name:"vuldetect", value:"Checks if a vulnerable version is present on the target host.");

  script_tag(name:"insight", value:"The flaw exists within RemoveDuplicateLayers in MagickCore/layer.c.");

  script_tag(name:"impact", value:"Successful exploitation would allow an attacker to crash the application.");

  script_tag(name:"affected", value:"ImageMagick version 7.0.8-53 and prior.");

  script_tag(name:"solution", value:"Update to version 7.0.8-54 or later.");

  script_xref(name:"URL", value:"https://github.com/ImageMagick/ImageMagick/issues/1629");
  script_xref(name:"URL", value:"http://www.securityfocus.com/bid/109099");

  exit(0);
}

include( "host_details.inc" );
include( "version_func.inc" );

if( ! infos = get_app_version_and_location( cpe: CPE, exit_no_version: TRUE ) )
  exit( 0 );

version = infos["version"];
location = infos["location"];

if( version_is_less( version: version, test_version: "7.0.8.54" ) ) {
  report = report_fixed_ver( installed_version: version, fixed_version: "7.0.8.54", install_path: location );
  security_message( data: report, port: 0 );
  exit( 0 );
}

exit( 99 );

Related

veracode 1
cve 1
openvas 10
redhatcve 1
osv 3
ubuntucve 1
prion 1
debiancve 1
alpinelinux 1
ibm 3
nessus 28
debian 2
cloudfoundry 1
ubuntu 1
suse 1
amazon 10
oraclelinux 1
centos 1
redhat 1
veracode
veracode
Denial Of Service (DoS)
2019-07-10 03:11:39
cve
cve
CVE-2019-13454
2019-07-09 17:15:00
openvas
openvas
ImageMagick < 7.0.8-54 Division By Zero Error Vulnerability - Mac OS X
2019-07-15 00:00:00
ImageMagick < 7.0.8-54 Division By Zero Error Vulnerability - Windows
2019-07-15 00:00:00
SUSE: Security Advisory (SUSE-SU-2019:2010-1)
2021-06-09 00:00:00
redhatcve
redhatcve
CVE-2019-13454
2019-07-10 04:52:01
osv
osv
CVE-2019-13454
2019-07-09 17:15:11
imagemagick - security update
2020-08-18 00:00:00
imagemagick - security update
2020-06-30 00:00:00
ubuntucve
ubuntucve
CVE-2019-13454
2019-07-09 00:00:00
prion
prion
Design/Logic Flaw
2019-07-09 17:15:00
debiancve
debiancve
CVE-2019-13454
2019-07-09 17:15:00
alpinelinux
alpinelinux
CVE-2019-13454
2019-07-09 17:15:00
ibm
ibm
Security Bulletin: IBM Integration Bus Hyper visor Edition V9.0 require customer action for security vulnerabilities in Red Hat Linux
2019-12-20 08:47:33
Security Bulletin: Action required for WebSphere Message Broker Hypervisor Edition V8.0 for security vulnerabilities in Red Hat Linux
2020-01-09 10:32:26
Security Bulletin: IBM Data Risk Manager is affected by multiple vulnerabilities
2021-08-13 22:15:02
nessus
nessus
SUSE SLED12 / SLES12 Security Update : ImageMagick (SUSE-SU-2019:2010-1)
2019-08-12 00:00:00
ImageMagick < 7.0.8-56 Multiple vulnerabilities
2019-07-26 00:00:00
Debian DLA-2333-1 : imagemagick security update
2020-08-19 00:00:00
debian
debian
[SECURITY] [DLA 2333-1] imagemagick security update
2020-08-18 23:31:23
[SECURITY] [DSA 4712-1] imagemagick security update
2020-06-30 20:32:11
cloudfoundry
cloudfoundry
USN-4192-1: ImageMagick vulnerabilities | Cloud Foundry
2019-11-18 00:00:00
ubuntu
ubuntu
ImageMagick vulnerabilities
2019-11-14 00:00:00
suse
suse
Security update for ImageMagick (moderate)
2019-08-21 00:00:00
amazon
amazon
Important: ImageMagick
2024-01-19 01:51:00
Medium: php55-pecl-imagick
2023-08-21 12:14:00
Medium: php71-pecl-imagick
2023-08-21 12:14:00
oraclelinux
oraclelinux
ImageMagick security, bug fix, and enhancement update
2020-04-06 00:00:00
centos
centos
ImageMagick, autotrace, emacs, inkscape security update
2020-04-08 17:42:49
redhat
redhat
(RHSA-2020:1180) Moderate: ImageMagick security, bug fix, and enhancement update
2020-03-31 09:28:57

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

7.4 High

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

0.004 Low

EPSS

Percentile

73.1%

JSON
Related for OPENVAS:1361412562310113429
veracode1cve1openvas10redhatcve1osv3ubuntucve1prion1debiancve1alpinelinux1ibm3nessus28debian2cloudfoundry1ubuntu1suse1amazon10oraclelinux1centos1redhat1