11 matches found
Ubuntu 20.04 LTS / 22.04 LTS : ImageMagick vulnerabilities (USN-6200-2)
The remote Ubuntu 20.04 LTS / 22.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6200-2 advisory. USN-6200-1 fixed vulnerabilities in ImageMagick. Unfortunately these fixes were incomplete for Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. This...
USN-6200-2: ImageMagick vulnerabilities
USN-6200-1 fixed vulnerabilities in ImageMagick. Unfortunately these fixes were incomplete for Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. This update fixes the problem. Original advisory details: It was discovered that ImageMagick incorrectly handled the "-authenticate" option for password-protected...
USN-6200-1: ImageMagick vulnerabilities
It was discovered that ImageMagick incorrectly handled the "-authenticate" option for password-protected PDF files. An attacker could possibly use this issue to inject additional shell commands and perform arbitrary code execution. This issue only affected Ubuntu 20.04 LTS. CVE-2020-29599 It was...
Fedora 37 : ImageMagick (2023-541c04817f)
The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-541c04817f advisory. Update ImageMagick to 6.9.12.86 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus h...
MGASA-2023-0161 Updated imagemagick packages fix security vulnerability
A heap-based buffer overflow issue was discovered in ImageMagick's ImportMultiSpectralQuantum function in MagickCore/quantum-import.c. An attacker could pass specially crafted file to convert, triggering an out-of-bounds read error, allowing an application to crash, resulting in a denial of...
Medium: ImageMagick
Issue Overview: Possible heap-based buffer overflow attack in ImportMultiSpectralQuantum in MagickCore/quantum-import.c for ImageMagick CVE-2023-1906 Affected Packages: ImageMagick Issue Correction: Run dnf update ImageMagick --releasever 2023.0.20230503 or dnf update --advisory ALAS2023-2023-170...
SUSE SLED15: ImageMagick / ImageMagick-config-7-SUSE / etc (SUSE-SU-2023:1927-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:1927-1 advisory. - CVE-2023-1906: Fixed a heap-based buffer overflow in ImportMultiSpectralQuantum. bsc1210308 Tenable has...
SUSE-SU-2023:1927-1 Security update for ImageMagick
This update for ImageMagick fixes the following issues: - CVE-2023-1906: Fixed a heap-based buffer overflow in ImportMultiSpectralQuantum. bsc1210308...
CVE-2023-1906
A heap-based buffer overflow issue was discovered in ImageMagick's ImportMultiSpectralQuantum function in MagickCore/quantum-import.c. An attacker could pass specially crafted file to convert, triggering an out-of-bounds read error, allowing an application to crash, resulting in a denial of servi...
CVE-2023-1906
A heap-based buffer overflow issue was discovered in ImageMagick's ImportMultiSpectralQuantum function in MagickCore/quantum-import.c. An attacker could pass specially crafted file to convert, triggering an out-of-bounds read error, allowing an application to crash, resulting in a denial of servi...
CVE-2023-1906
ImageMagick vulnerability CVE-2023-1906 is a heap-based buffer overflow in ImportMultiSpectralQuantum() (MagickCore/quantum-import.c). A crafted file can trigger an out-of-bounds read, causing an application crash and denial of service. Affected software is ImageMagick; root cause is a malformed ...