14 matches found
Ubuntu 20.04 LTS / 22.04 LTS : ImageMagick vulnerabilities (USN-6200-2)
The remote Ubuntu 20.04 LTS / 22.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6200-2 advisory. USN-6200-1 fixed vulnerabilities in ImageMagick. Unfortunately these fixes were incomplete for Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. This...
USN-6200-2: ImageMagick vulnerabilities
USN-6200-1 fixed vulnerabilities in ImageMagick. Unfortunately these fixes were incomplete for Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. This update fixes the problem. Original advisory details: It was discovered that ImageMagick incorrectly handled the "-authenticate" option for password-protected...
MGASA-2024-0064 Updated imagemagick packages fix security vulnerabilities
The updated packages fix security vulnerabilities: A heap-based buffer overflow vulnerability was found in ImageMagick in versions prior to 7.0.11-14 in ReadTIFFImage in coders/tiff.c. This issue is due to an incorrect setting of the pixel array size, which can lead to a crash and segmentation...
CVE-2023-3428
A heap-based buffer overflow vulnerability was found in coders/tiff.c in ImageMagick. This issue may allow a local attacker to trick the user into opening a specially crafted file, resulting in an application crash and denial of service...
CVE-2023-3428 Imagemagick: heap-buffer-overflow in coders/tiff.c
A heap-based buffer overflow vulnerability was found in coders/tiff.c in ImageMagick. This issue may allow a local attacker to trick the user into opening a specially crafted file, resulting in an application crash and denial of service...
CVE-2023-3428
CVE-2023-3428 is a heap-based buffer overflow vulnerability in ImageMagick's coders/tiff.c. A local attacker could trick a user into opening a crafted TIFF file, resulting in an application crash and denial of service. Public advisories (e.g., Debian DSA-5628-1 and ALAS/Cloud Foundry notices) ind...
OESA-2023-1442 ImageMagick security update
Use ImageMagick to create, edit, compose, or convert bitmap images. It can read and write images in a variety of formats over 200 including PNG, JPEG, GIF, HEIC, TIFF, DPX, EXR, WebP, Postscript, PDF, and SVG. Use ImageMagick to resize, flip, mirror, rotate, distort, shear and transform images,...
Amazon Linux 2 : ImageMagick (ALAS-2023-2123)
The version of ImageMagick installed on the remote host is prior to 6.9.10.97-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2023-2123 advisory. The upstream bug report describes this issue as follows:A vulnerability was found in ImageMagick =7.1.1, where heap-based...
Amazon Linux AMI : ImageMagick (ALAS-2023-1781)
The version of ImageMagick installed on the remote host is prior to 6.9.10.97-1.26. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2023-1781 advisory. stack overflow when parsing malicious tiff image CVE-2023-3195 The upstream bug report describes this issue as...
Medium: ImageMagick
Issue Overview: The upstream bug report describes this issue as follows: "A vulnerability was found in ImageMagick =7.1.1, where heap-based buffer overflow was found in coders/tiff.c." CVE-2023-3428 Affected Packages: ImageMagick Note: This advisory is applicable to Amazon Linux 2 AL2 Core...
Medium: ImageMagick
Issue Overview: The upstream bug report describes this issue as follows: "A vulnerability was found in ImageMagick =7.1.1, where heap-based buffer overflow was found in coders/tiff.c." CVE-2023-3428 Affected Packages: ImageMagick Issue Correction: Run dnf update ImageMagick --releasever...
Medium: ImageMagick
Issue Overview: stack overflow when parsing malicious tiff image CVE-2023-3195 The upstream bug report describes this issue as follows: "A vulnerability was found in ImageMagick =7.1.1, where heap-based buffer overflow was found in coders/tiff.c." CVE-2023-3428 Affected Packages: ImageMagick Issu...
USN-6200-1: ImageMagick vulnerabilities
It was discovered that ImageMagick incorrectly handled the "-authenticate" option for password-protected PDF files. An attacker could possibly use this issue to inject additional shell commands and perform arbitrary code execution. This issue only affected Ubuntu 20.04 LTS. CVE-2020-29599 It was...
CVE-2023-3428
A heap-based buffer overflow vulnerability was found in coders/tiff.c in ImageMagick. This issue may allow a local attacker to trick the user into opening a specially crafted file, resulting in an application crash and denial of service...