19 matches found
Ubuntu 20.04 LTS / 22.04 LTS : ImageMagick vulnerabilities (USN-6200-2)
The remote Ubuntu 20.04 LTS / 22.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6200-2 advisory. USN-6200-1 fixed vulnerabilities in ImageMagick. Unfortunately these fixes were incomplete for Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. This...
USN-6200-2: ImageMagick vulnerabilities
USN-6200-1 fixed vulnerabilities in ImageMagick. Unfortunately these fixes were incomplete for Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. This update fixes the problem. Original advisory details: It was discovered that ImageMagick incorrectly handled the "-authenticate" option for password-protected...
SUSE: Security Advisory (SUSE-SU-2023:4634-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-6200-1: ImageMagick vulnerabilities
It was discovered that ImageMagick incorrectly handled the "-authenticate" option for password-protected PDF files. An attacker could possibly use this issue to inject additional shell commands and perform arbitrary code execution. This issue only affected Ubuntu 20.04 LTS. CVE-2020-29599 It was...
EulerOS 2.0 SP5 : ImageMagick (EulerOS-SA-2023-2149)
According to the versions of the ImageMagick packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An integer overflow issue was discovered in ImageMagick's ExportIndexQuantum function in MagickCore/quantum-export.c. Function calls to...
Huawei EulerOS: Security Advisory for ImageMagick (EulerOS-SA-2023-2149)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Medium: ImageMagick
Issue Overview: An integer overflow issue was discovered in ImageMagick's ExportIndexQuantum function in MagickCore/quantum-export.c. Function calls to GetPixelIndex could result in values outside the range of representable for the 'unsigned char'. When ImageMagick processes a crafted pdf file,...
EulerOS 2.0 SP8 : ImageMagick (EulerOS-SA-2023-1318)
According to the versions of the ImageMagick packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An integer overflow issue was discovered in ImageMagick's ExportIndexQuantum function in MagickCore/quantum-export.c. Function calls to...
Mageia: Security Advisory (MGASA-2022-0446)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu: Security Advisory (USN-5736-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-5736-1: ImageMagick vulnerabilities
It was discovered that ImageMagick incorrectly handled certain values when processing PDF files. If a user or automated system using ImageMagick were tricked into opening a specially crafted PDF file, an attacker could exploit this to cause a denial of service. This issue only affected Ubuntu 14....
SUSE SLED12: ImageMagick / ImageMagick-config-6-SUSE / etc (SUSE-SU-2022:3138-1)
The remote SUSE Linux SLED12 / SLEDSAP12 / SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2022:3138-1 advisory. - CVE-2021-20224: Fixed an integer overflow that could be triggered via a crafted file bsc1202800. Tenable has extracte...
ImageMagick < 7.0.10-57 Integer Overflow
The remote Windows host has a version of ImageMagick installed that is prior 7.0.10-57. It is, therefore, affected by an integer overflow error in the GetPixelIndex function. An attacker can craft a malicious PDF file that, when processed by ImageMagick, results in undefined behavior or a crash...
SUSE: Security Advisory (SUSE-SU-2022:3138-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2022:3119-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE-SU-2022:3119-1 Security update for ImageMagick
This update for ImageMagick fixes the following issues: - CVE-2021-20224: Fixed an integer overflow that could be triggered via a crafted file bsc1202800. - CVE-2022-2719: Fixed a reachable assertion that could lead to denial of service via a crafted file bsc1202250...
CVE-2021-20224
An integer overflow issue was discovered in ImageMagick's ExportIndexQuantum function in MagickCore/quantum-export.c. Function calls to GetPixelIndex could result in values outside the range of representable for the 'unsigned char'. When ImageMagick processes a crafted pdf file, this could lead t...
CVE-2021-20224
An integer overflow issue was discovered in ImageMagick's ExportIndexQuantum function in MagickCore/quantum-export.c. Function calls to GetPixelIndex could result in values outside the range of representable for the 'unsigned char'. When ImageMagick processes a crafted pdf file, this could lead t...
CVE-2021-20224
CVE-2021-20224 is an ImageMagick vulnerability: an integer overflow in MagickCore/quantum-export.c (ExportIndexQuantum) where GetPixelIndex() can produce values outside the range of an unsigned char when processing crafted PDFs, potentially causing undefined behavior or a crash. The issue is docu...