Debian LTS: Security Advisory for imagemagick (DLA-2523-1)
Published: 2021-01-13 04:00:30
CVE Author: NIST National Vulnerability Database
CVSS Base Vector:
AV:N/AC:M/Au:N/C:P/I:P/A:P
Summary:
The remote host is missing an update for the 'imagemagick'
Linux Distribution Package(s) announced via the DLA-2523-1 advisory.
Detection Method:
Checks if a vulnerable Linux Distribution Package version is present on the target host.
Technical Details:
Several security vulnerabilities were found in ImageMagick, a suite of
image manipulation programs. An attacker could cause denial of service
and execution of arbitrary code when a crafted image file is
processed.
CVE-2017-14528
The TIFFSetProfiles function in coders/tiff.c has incorrect
expectations about whether LibTIFF TIFFGetField return values
imply that data validation has occurred, which allows remote
attackers to cause a denial of service (use-after-free after an
invalid call to TIFFSetField, and application crash) via a crafted
file.
CVE-2020-19667
Stack-based buffer overflow and unconditional jump in ReadXPMImage
in coders/xpm.c
CVE-2020-25665
The PALM image coder at coders/palm.c makes an improper call to
AcquireQuantumMemory() in routine WritePALMImage() because it
needs to be offset by 256. This can cause an out-of-bounds read
later on in the routine. This could cause impact to reliability.
CVE-2020-25674
WriteOnePNGImage() from coders/png.c (the PNG coder) has a for
loop with an improper exit condition that can allow an
out-of-bounds READ via heap-buffer-overflow. This occurs because
it is possible for the colormap to have less than 256 valid values
but the loop condition will loop 256 times, attempting to pass
invalid colormap data to the event logger.
CVE-2020-27560
ImageMagick allows Division by Zero in OptimizeLayerFrames in
MagickCore/layer.c, which may cause a denial of service.
CVE-2020-27750
A flaw was found in MagickCore/colorspace-private.h and
MagickCore/quantum.h. An attacker who submits a crafted file that
is processed could trigger undefined behavior in the form of values
outside the range of type `unsigned char` and math division by
zero. This would most likely lead to an impact to application
availability, but could potentially cause other problems related
to undefined behavior.
CVE-2020-27760
In `GammaImage()` of /MagickCore/enhance.c, depending on the
`gamma` value, it's possible to trigger a divide-by-zero condition
when a crafted input file is processed by ImageMagick. This could
lead to an impact to application availability.
CVE-2020-27763
A flaw was found in MagickCore/resize.c. An attacker who submits a
crafted file that is processed by ImageMagick could trigger
undefined behavior in the form of math division by zero. This
would most likely lead to an impact to application availability,
but could potentially cause other problems related to undefined
behavior.
CVE-2020-27765
A flaw was found in MagickCore/segment.c. An attacker who submits
a crafted file that is processed by ImageMagick could trigger
undefined behavior in the form of math division by zero. This
...
Description truncated. Please see the references for more information.
Affected Versions:
'imagemagick' Linux Distribution Package(s) on Debian Linux.
Recommendations:
For Debian 9 stretch, these problems have been fixed in version
8:6.9.7.4+dfsg-11+deb9u11.
We recommend that you upgrade your imagemagick Linux Distribution Packages.
Solution Type:
Vendor Patch
Detection Type:
Linux Distribution Package
References:
https://nvd.nist.gov/vuln/detail/CVE-2017-14528
https://nvd.nist.gov/vuln/detail/CVE-2020-19667
https://nvd.nist.gov/vuln/detail/CVE-2020-25665
https://nvd.nist.gov/vuln/detail/CVE-2020-25674
https://nvd.nist.gov/vuln/detail/CVE-2020-27560
https://nvd.nist.gov/vuln/detail/CVE-2020-27750
https://nvd.nist.gov/vuln/detail/CVE-2020-27760
https://nvd.nist.gov/vuln/detail/CVE-2020-27763
https://nvd.nist.gov/vuln/detail/CVE-2020-27765
https://nvd.nist.gov/vuln/detail/CVE-2020-27773
https://nvd.nist.gov/vuln/detail/CVE-2020-29599
https://lists.debian.org/debian-lts-announce/2021/01/msg00010.html
https://security-tracker.debian.org/tracker/DLA-2523-1
https://bugs.debian.org/878544
https://bugs.debian.org/972797
https://bugs.debian.org/977205