Vulnerabilities > CVE-2009-1882 - Numeric Errors vulnerability in Imagemagick 6.5.28
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
Integer overflow in the XMakeImage function in magick/xwindow.c in ImageMagick 6.5.2-8, and GraphicsMagick, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TIFF file, which triggers a buffer overflow. NOTE: some of these details are obtained from third party information.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Common Weakness Enumeration (CWE)
Nessus
NASL family SuSE Local Security Checks NASL id SUSE_11_0_IMAGEMAGICK-090604.NASL description This update of ImageMagick fixes an integer overflow in the XMakeImage() function that allowed remote attackers to cause a denial-of-service and possibly the execution of arbitrary code via a crafted TIFF file. (CVE-2009-1882) last seen 2020-06-01 modified 2020-06-02 plugin id 39880 published 2009-07-21 reporter This script is Copyright (C) 2009-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/39880 title openSUSE Security Update : ImageMagick (ImageMagick-967) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from openSUSE Security Update ImageMagick-967. # # The text description of this plugin is (C) SUSE LLC. # include("compat.inc"); if (description) { script_id(39880); script_version("1.10"); script_cvs_date("Date: 2019/10/25 13:36:33"); script_cve_id("CVE-2009-1882"); script_name(english:"openSUSE Security Update : ImageMagick (ImageMagick-967)"); script_summary(english:"Check for the ImageMagick-967 patch"); script_set_attribute( attribute:"synopsis", value:"The remote openSUSE host is missing a security update." ); script_set_attribute( attribute:"description", value: "This update of ImageMagick fixes an integer overflow in the XMakeImage() function that allowed remote attackers to cause a denial-of-service and possibly the execution of arbitrary code via a crafted TIFF file. (CVE-2009-1882)" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=507728" ); script_set_attribute( attribute:"solution", value:"Update the affected ImageMagick packages." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C"); script_cwe_id(189); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:ImageMagick"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:ImageMagick-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:ImageMagick-extra"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libMagick++-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libMagick++1"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libMagickCore1"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libMagickWand1"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:perl-PerlMagick"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:11.0"); script_set_attribute(attribute:"patch_publication_date", value:"2009/06/04"); script_set_attribute(attribute:"plugin_publication_date", value:"2009/07/21"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2009-2019 Tenable Network Security, Inc."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE"); if (release !~ "^(SUSE11\.0)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "11.0", release); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); ourarch = get_kb_item("Host/cpu"); if (!ourarch) audit(AUDIT_UNKNOWN_ARCH); if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch); flag = 0; if ( rpm_check(release:"SUSE11.0", reference:"ImageMagick-6.4.0.4-20.2") ) flag++; if ( rpm_check(release:"SUSE11.0", reference:"ImageMagick-devel-6.4.0.4-20.2") ) flag++; if ( rpm_check(release:"SUSE11.0", reference:"ImageMagick-extra-6.4.0.4-20.2") ) flag++; if ( rpm_check(release:"SUSE11.0", reference:"libMagick++-devel-6.4.0.4-20.2") ) flag++; if ( rpm_check(release:"SUSE11.0", reference:"libMagick++1-6.4.0.4-20.2") ) flag++; if ( rpm_check(release:"SUSE11.0", reference:"libMagickCore1-6.4.0.4-20.2") ) flag++; if ( rpm_check(release:"SUSE11.0", reference:"libMagickWand1-6.4.0.4-20.2") ) flag++; if ( rpm_check(release:"SUSE11.0", reference:"perl-PerlMagick-6.4.0.4-20.2") ) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "ImageMagick"); }NASL family Windows NASL id IMAGEMAGICK_6_5_2_9.NASL description The remote Windows host is running a version of ImageMagick earlier than 6.5.2-9. Such versions reportedly fail to properly handle malformed last seen 2020-06-01 modified 2020-06-02 plugin id 38951 published 2009-05-29 reporter This script is Copyright (C) 2009-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/38951 title ImageMagick < 6.5.2-9 magick/xwindow.c XMakeImage() Function TIFF File Handling Overflow code # # (C) Tenable Network Security, Inc. # include("compat.inc"); if (description) { script_id(38951); script_version("1.14"); script_cvs_date("Date: 2018/07/12 19:01:17"); script_cve_id("CVE-2009-1882"); script_bugtraq_id(35111); script_xref(name:"Secunia", value:"35216"); script_name(english:"ImageMagick < 6.5.2-9 magick/xwindow.c XMakeImage() Function TIFF File Handling Overflow"); script_summary(english:"Checks the version of ImageMagick"); script_set_attribute(attribute:"synopsis", value: "The remote Windows host contains an application that is affected by an integer overflow vulnerability."); script_set_attribute(attribute:"description", value: "The remote Windows host is running a version of ImageMagick earlier than 6.5.2-9. Such versions reportedly fail to properly handle malformed 'TIFF' files in the 'XMakeImage()' function. If an attacker can trick a user on the remote host into opening a specially crafted file using the affected application, he can leverage this flaw to execute arbitrary code on the remote host subject to the user's privileges."); script_set_attribute(attribute:"see_also", value:"http://mirror1.smudge-it.co.uk/imagemagick/www/changelog.html"); script_set_attribute(attribute:"solution", value: "Upgrade to ImageMagick version 6.5.2-9 or later. Note that you may need to manually uninstall the vulnerable version from the system."); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_cwe_id(189); script_set_attribute(attribute:"plugin_publication_date", value:"2009/05/29"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/a:imagemagick:imagemagick"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_family(english:"Windows"); script_copyright(english:"This script is Copyright (C) 2009-2018 Tenable Network Security, Inc."); script_dependencies("imagemagick_installed.nasl"); script_require_keys("installed_sw/ImageMagick"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("misc_func.inc"); include("install_func.inc"); app = "ImageMagick"; fix = "6.5.2"; fix_build = 9; # Get installs install = get_single_install(app_name:app, exit_if_unknown_ver:TRUE); display_version = install['display_version']; version = install['version']; build = install['build']; path = install['path']; vuln = FALSE; display_fix = fix + "-" + fix_build; if (ver_compare(ver:version, fix:fix, strict:FALSE) < 0) vuln = TRUE; if ((ver_compare(ver:version, fix:fix, strict:FALSE) == 0) && build < fix_build ) vuln = TRUE; if (vuln) { port = get_kb_item("SMB/transport"); if (!port) port = 445; items = make_array("Installed version", display_version, "Fixed version", display_fix, "Path", path ); order = make_list("Path", "Installed version", "Fixed version"); report = report_items_str(report_items:items, ordered_fields:order); security_report_v4(port:port, extra:report, severity:SECURITY_HOLE); exit(0); } else audit(AUDIT_INST_PATH_NOT_VULN, app, display_version, path);NASL family Oracle Linux Local Security Checks NASL id ORACLELINUX_ELSA-2010-0653.NASL description From Red Hat Security Advisory 2010:0653 : Updated ImageMagick packages that fix one security issue are now available for Red Hat Enterprise Linux 4. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. ImageMagick is an image display and manipulation tool for the X Window System that can read and write multiple image formats. An integer overflow flaw, leading to a heap-based buffer overflow, was found in the ImageMagick routine responsible for creating X11 images. An attacker could create a specially crafted image file that, when opened by a victim, would cause ImageMagick to crash or, potentially, execute arbitrary code. (CVE-2009-1882) Users of ImageMagick are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. All running instances of ImageMagick must be restarted for this update to take effect. last seen 2020-06-01 modified 2020-06-02 plugin id 68089 published 2013-07-12 reporter This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/68089 title Oracle Linux 4 : ImageMagick (ELSA-2010-0653) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Red Hat Security Advisory RHSA-2010:0653 and # Oracle Linux Security Advisory ELSA-2010-0653 respectively. # include("compat.inc"); if (description) { script_id(68089); script_version("1.8"); script_cvs_date("Date: 2019/10/25 13:36:08"); script_cve_id("CVE-2009-1882"); script_bugtraq_id(35111); script_xref(name:"RHSA", value:"2010:0653"); script_name(english:"Oracle Linux 4 : ImageMagick (ELSA-2010-0653)"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value:"The remote Oracle Linux host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "From Red Hat Security Advisory 2010:0653 : Updated ImageMagick packages that fix one security issue are now available for Red Hat Enterprise Linux 4. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. ImageMagick is an image display and manipulation tool for the X Window System that can read and write multiple image formats. An integer overflow flaw, leading to a heap-based buffer overflow, was found in the ImageMagick routine responsible for creating X11 images. An attacker could create a specially crafted image file that, when opened by a victim, would cause ImageMagick to crash or, potentially, execute arbitrary code. (CVE-2009-1882) Users of ImageMagick are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. All running instances of ImageMagick must be restarted for this update to take effect." ); script_set_attribute( attribute:"see_also", value:"https://oss.oracle.com/pipermail/el-errata/2010-August/001614.html" ); script_set_attribute( attribute:"solution", value:"Update the affected imagemagick packages." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C"); script_set_cvss_temporal_vector("CVSS2#E:ND/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_cwe_id(189); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:ImageMagick"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:ImageMagick-c++"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:ImageMagick-c++-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:ImageMagick-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:ImageMagick-perl"); script_set_attribute(attribute:"cpe", value:"cpe:/o:oracle:linux:4"); script_set_attribute(attribute:"vuln_publication_date", value:"2009/06/02"); script_set_attribute(attribute:"patch_publication_date", value:"2010/08/25"); script_set_attribute(attribute:"plugin_publication_date", value:"2013/07/12"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Oracle Linux Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/OracleLinux", "Host/RedHat/release", "Host/RedHat/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/OracleLinux")) audit(AUDIT_OS_NOT, "Oracle Linux"); release = get_kb_item("Host/RedHat/release"); if (isnull(release) || !pregmatch(pattern: "Oracle (?:Linux Server|Enterprise Linux)", string:release)) audit(AUDIT_OS_NOT, "Oracle Linux"); os_ver = pregmatch(pattern: "Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\.[0-9]+)?)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Oracle Linux"); os_ver = os_ver[1]; if (! preg(pattern:"^4([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Oracle Linux 4", "Oracle Linux " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && "ia64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Oracle Linux", cpu); flag = 0; if (rpm_check(release:"EL4", reference:"ImageMagick-6.0.7.1-20.el4_8.1")) flag++; if (rpm_check(release:"EL4", reference:"ImageMagick-c++-6.0.7.1-20.el4_8.1")) flag++; if (rpm_check(release:"EL4", reference:"ImageMagick-c++-devel-6.0.7.1-20.el4_8.1")) flag++; if (rpm_check(release:"EL4", reference:"ImageMagick-devel-6.0.7.1-20.el4_8.1")) flag++; if (rpm_check(release:"EL4", reference:"ImageMagick-perl-6.0.7.1-20.el4_8.1")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "ImageMagick / ImageMagick-c++ / ImageMagick-c++-devel / etc"); }NASL family Oracle Linux Local Security Checks NASL id ORACLELINUX_ELSA-2010-0652.NASL description From Red Hat Security Advisory 2010:0652 : Updated ImageMagick packages that fix one security issue and one bug are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. ImageMagick is an image display and manipulation tool for the X Window System that can read and write multiple image formats. An integer overflow flaw, leading to a heap-based buffer overflow, was found in the ImageMagick routine responsible for creating X11 images. An attacker could create a specially crafted image file that, when opened by a victim, would cause ImageMagick to crash or, potentially, execute arbitrary code. (CVE-2009-1882) This update also fixes the following bug : * previously, portions of certain RGB images on the right side were not rendered and left black when converting or displaying them. With this update, RGB images display correctly. (BZ#625058) Users of ImageMagick are advised to upgrade to these updated packages, which contain backported patches to correct these issues. All running instances of ImageMagick must be restarted for this update to take effect. last seen 2020-06-01 modified 2020-06-02 plugin id 68088 published 2013-07-12 reporter This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/68088 title Oracle Linux 5 : ImageMagick (ELSA-2010-0652) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Red Hat Security Advisory RHSA-2010:0652 and # Oracle Linux Security Advisory ELSA-2010-0652 respectively. # include("compat.inc"); if (description) { script_id(68088); script_version("1.8"); script_cvs_date("Date: 2019/10/25 13:36:08"); script_cve_id("CVE-2009-1882"); script_bugtraq_id(35111); script_xref(name:"RHSA", value:"2010:0652"); script_name(english:"Oracle Linux 5 : ImageMagick (ELSA-2010-0652)"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value:"The remote Oracle Linux host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "From Red Hat Security Advisory 2010:0652 : Updated ImageMagick packages that fix one security issue and one bug are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. ImageMagick is an image display and manipulation tool for the X Window System that can read and write multiple image formats. An integer overflow flaw, leading to a heap-based buffer overflow, was found in the ImageMagick routine responsible for creating X11 images. An attacker could create a specially crafted image file that, when opened by a victim, would cause ImageMagick to crash or, potentially, execute arbitrary code. (CVE-2009-1882) This update also fixes the following bug : * previously, portions of certain RGB images on the right side were not rendered and left black when converting or displaying them. With this update, RGB images display correctly. (BZ#625058) Users of ImageMagick are advised to upgrade to these updated packages, which contain backported patches to correct these issues. All running instances of ImageMagick must be restarted for this update to take effect." ); script_set_attribute( attribute:"see_also", value:"https://oss.oracle.com/pipermail/el-errata/2010-August/001613.html" ); script_set_attribute( attribute:"solution", value:"Update the affected imagemagick packages." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C"); script_set_cvss_temporal_vector("CVSS2#E:ND/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_cwe_id(189); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:ImageMagick"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:ImageMagick-c++"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:ImageMagick-c++-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:ImageMagick-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:ImageMagick-perl"); script_set_attribute(attribute:"cpe", value:"cpe:/o:oracle:linux:5"); script_set_attribute(attribute:"vuln_publication_date", value:"2009/06/02"); script_set_attribute(attribute:"patch_publication_date", value:"2010/08/25"); script_set_attribute(attribute:"plugin_publication_date", value:"2013/07/12"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Oracle Linux Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/OracleLinux", "Host/RedHat/release", "Host/RedHat/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/OracleLinux")) audit(AUDIT_OS_NOT, "Oracle Linux"); release = get_kb_item("Host/RedHat/release"); if (isnull(release) || !pregmatch(pattern: "Oracle (?:Linux Server|Enterprise Linux)", string:release)) audit(AUDIT_OS_NOT, "Oracle Linux"); os_ver = pregmatch(pattern: "Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\.[0-9]+)?)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Oracle Linux"); os_ver = os_ver[1]; if (! preg(pattern:"^5([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Oracle Linux 5", "Oracle Linux " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && "ia64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Oracle Linux", cpu); flag = 0; if (rpm_check(release:"EL5", reference:"ImageMagick-6.2.8.0-4.el5_5.2")) flag++; if (rpm_check(release:"EL5", reference:"ImageMagick-c++-6.2.8.0-4.el5_5.2")) flag++; if (rpm_check(release:"EL5", reference:"ImageMagick-c++-devel-6.2.8.0-4.el5_5.2")) flag++; if (rpm_check(release:"EL5", reference:"ImageMagick-devel-6.2.8.0-4.el5_5.2")) flag++; if (rpm_check(release:"EL5", reference:"ImageMagick-perl-6.2.8.0-4.el5_5.2")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "ImageMagick / ImageMagick-c++ / ImageMagick-c++-devel / etc"); }NASL family Mandriva Local Security Checks NASL id MANDRIVA_MDVSA-2009-261.NASL description A vulnerability has been found and corrected in GraphicsMagick, which could lead to integer overflow in the XMakeImage function in magick/xwindow.c, allowing remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TIFF file, which triggers a buffer overflow (CVE-2009-1882). This update fixes this vulnerability. last seen 2020-06-01 modified 2020-06-02 plugin id 42076 published 2009-10-09 reporter This script is Copyright (C) 2009-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/42076 title Mandriva Linux Security Advisory : graphicsmagick (MDVSA-2009:261) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Mandriva Linux Security Advisory MDVSA-2009:261. # The text itself is copyright (C) Mandriva S.A. # include("compat.inc"); if (description) { script_id(42076); script_version("1.14"); script_cvs_date("Date: 2019/08/02 13:32:52"); script_cve_id("CVE-2009-1882"); script_bugtraq_id(35111); script_xref(name:"MDVSA", value:"2009:261"); script_name(english:"Mandriva Linux Security Advisory : graphicsmagick (MDVSA-2009:261)"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value: "The remote Mandriva Linux host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "A vulnerability has been found and corrected in GraphicsMagick, which could lead to integer overflow in the XMakeImage function in magick/xwindow.c, allowing remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TIFF file, which triggers a buffer overflow (CVE-2009-1882). This update fixes this vulnerability." ); script_set_attribute(attribute:"solution", value:"Update the affected packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C"); script_set_cvss_temporal_vector("CVSS2#E:ND/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_cwe_id(189); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:graphicsmagick"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:graphicsmagick-doc"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64graphicsmagick-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64graphicsmagick2"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64graphicsmagick3"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64graphicsmagickwand1"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64graphicsmagickwand2"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libgraphicsmagick-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libgraphicsmagick2"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libgraphicsmagick3"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libgraphicsmagickwand1"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libgraphicsmagickwand2"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:perl-Graphics-Magick"); script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:linux:2009.0"); script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:linux:2009.1"); script_set_attribute(attribute:"patch_publication_date", value:"2009/08/08"); script_set_attribute(attribute:"plugin_publication_date", value:"2009/10/09"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2009-2019 Tenable Network Security, Inc."); script_family(english:"Mandriva Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/Mandrake/release", "Host/Mandrake/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/Mandrake/release")) audit(AUDIT_OS_NOT, "Mandriva / Mandake Linux"); if (!get_kb_item("Host/Mandrake/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if (cpu !~ "^(amd64|i[3-6]86|x86_64)$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Mandriva / Mandrake Linux", cpu); flag = 0; if (rpm_check(release:"MDK2009.0", reference:"graphicsmagick-1.2.5-2.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"graphicsmagick-doc-1.2.5-2.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", cpu:"x86_64", reference:"lib64graphicsmagick-devel-1.2.5-2.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", cpu:"x86_64", reference:"lib64graphicsmagick2-1.2.5-2.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", cpu:"x86_64", reference:"lib64graphicsmagickwand1-1.2.5-2.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", cpu:"i386", reference:"libgraphicsmagick-devel-1.2.5-2.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", cpu:"i386", reference:"libgraphicsmagick2-1.2.5-2.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", cpu:"i386", reference:"libgraphicsmagickwand1-1.2.5-2.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"perl-Graphics-Magick-1.2.5-2.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.1", reference:"graphicsmagick-1.3.5-3.1mdv2009.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.1", reference:"graphicsmagick-doc-1.3.5-3.1mdv2009.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.1", cpu:"x86_64", reference:"lib64graphicsmagick-devel-1.3.5-3.1mdv2009.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.1", cpu:"x86_64", reference:"lib64graphicsmagick3-1.3.5-3.1mdv2009.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.1", cpu:"x86_64", reference:"lib64graphicsmagickwand2-1.3.5-3.1mdv2009.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.1", cpu:"i386", reference:"libgraphicsmagick-devel-1.3.5-3.1mdv2009.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.1", cpu:"i386", reference:"libgraphicsmagick3-1.3.5-3.1mdv2009.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.1", cpu:"i386", reference:"libgraphicsmagickwand2-1.3.5-3.1mdv2009.1", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.1", reference:"perl-Graphics-Magick-1.3.5-3.1mdv2009.1", yank:"mdv")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");NASL family Gentoo Local Security Checks NASL id GENTOO_GLSA-201311-10.NASL description The remote host is affected by the vulnerability described in GLSA-201311-10 (GraphicsMagick: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in GraphicsMagick. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could entice a user to open a specially crafted image file, potentially resulting in arbitrary code execution or a Denial of Service condition. Workaround : There is no known workaround at this time. last seen 2020-06-01 modified 2020-06-02 plugin id 70959 published 2013-11-19 reporter This script is Copyright (C) 2013-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/70959 title GLSA-201311-10 : GraphicsMagick: Multiple vulnerabilities code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Gentoo Linux Security Advisory GLSA 201311-10. # # The advisory text is Copyright (C) 2001-2016 Gentoo Foundation, Inc. # and licensed under the Creative Commons - Attribution / Share Alike # license. See http://creativecommons.org/licenses/by-sa/3.0/ # include("compat.inc"); if (description) { script_id(70959); script_version("1.7"); script_cvs_date("Date: 2018/07/12 19:01:15"); script_cve_id("CVE-2008-1097", "CVE-2009-1882", "CVE-2009-3736", "CVE-2013-4589"); script_bugtraq_id(28822, 35111, 37128, 63002); script_xref(name:"GLSA", value:"201311-10"); script_name(english:"GLSA-201311-10 : GraphicsMagick: Multiple vulnerabilities"); script_summary(english:"Checks for updated package(s) in /var/db/pkg"); script_set_attribute( attribute:"synopsis", value: "The remote Gentoo host is missing one or more security-related patches." ); script_set_attribute( attribute:"description", value: "The remote host is affected by the vulnerability described in GLSA-201311-10 (GraphicsMagick: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in GraphicsMagick. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could entice a user to open a specially crafted image file, potentially resulting in arbitrary code execution or a Denial of Service condition. Workaround : There is no known workaround at this time." ); script_set_attribute( attribute:"see_also", value:"https://security.gentoo.org/glsa/201311-10" ); script_set_attribute( attribute:"solution", value: "All GraphicsMagick users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=media-gfx/graphicsmagick-1.3.18'" ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_cwe_id(189, 399); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:graphicsmagick"); script_set_attribute(attribute:"cpe", value:"cpe:/o:gentoo:linux"); script_set_attribute(attribute:"patch_publication_date", value:"2013/11/19"); script_set_attribute(attribute:"plugin_publication_date", value:"2013/11/19"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2013-2018 Tenable Network Security, Inc."); script_family(english:"Gentoo Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/Gentoo/release", "Host/Gentoo/qpkg-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("qpkg.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/Gentoo/release")) audit(AUDIT_OS_NOT, "Gentoo"); if (!get_kb_item("Host/Gentoo/qpkg-list")) audit(AUDIT_PACKAGE_LIST_MISSING); flag = 0; if (qpkg_check(package:"media-gfx/graphicsmagick", unaffected:make_list("ge 1.3.18"), vulnerable:make_list("lt 1.3.18"))) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get()); else security_hole(0); exit(0); } else { tested = qpkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "GraphicsMagick"); }NASL family Fedora Local Security Checks NASL id FEDORA_2010-0295.NASL description - Fix BZ#503017 (CVE-2009-1882), BZ#543519 add patch2 ( http://people.debian.org/~naoliv/misc/imagemagick/SA3521 6.diff ) to do not update and ABI change. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 44889 published 2010-02-25 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/44889 title Fedora 11 : ImageMagick-6.5.1.2-2.fc11 (2010-0295) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2010-0653.NASL description Updated ImageMagick packages that fix one security issue are now available for Red Hat Enterprise Linux 4. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. ImageMagick is an image display and manipulation tool for the X Window System that can read and write multiple image formats. An integer overflow flaw, leading to a heap-based buffer overflow, was found in the ImageMagick routine responsible for creating X11 images. An attacker could create a specially crafted image file that, when opened by a victim, would cause ImageMagick to crash or, potentially, execute arbitrary code. (CVE-2009-1882) Users of ImageMagick are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. All running instances of ImageMagick must be restarted for this update to take effect. last seen 2020-06-01 modified 2020-06-02 plugin id 48751 published 2010-08-26 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/48751 title RHEL 4 : ImageMagick (RHSA-2010:0653) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2010-0652.NASL description Updated ImageMagick packages that fix one security issue and one bug are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. ImageMagick is an image display and manipulation tool for the X Window System that can read and write multiple image formats. An integer overflow flaw, leading to a heap-based buffer overflow, was found in the ImageMagick routine responsible for creating X11 images. An attacker could create a specially crafted image file that, when opened by a victim, would cause ImageMagick to crash or, potentially, execute arbitrary code. (CVE-2009-1882) This update also fixes the following bug : * previously, portions of certain RGB images on the right side were not rendered and left black when converting or displaying them. With this update, RGB images display correctly. (BZ#625058) Users of ImageMagick are advised to upgrade to these updated packages, which contain backported patches to correct these issues. All running instances of ImageMagick must be restarted for this update to take effect. last seen 2020-06-01 modified 2020-06-02 plugin id 48750 published 2010-08-26 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/48750 title RHEL 5 : ImageMagick (RHSA-2010:0652) NASL family Scientific Linux Local Security Checks NASL id SL_20100825_IMAGEMAGICK_ON_SL5_X.NASL description An integer overflow flaw, leading to a heap-based buffer overflow, was found in the ImageMagick routine responsible for creating X11 images. An attacker could create a specially crafted image file that, when opened by a victim, would cause ImageMagick to crash or, potentially, execute arbitrary code. (CVE-2009-1882) This update also fixes the following bug : - previously, portions of certain RGB images on the right side were not rendered and left black when converting or displaying them. With this update, RGB images display correctly. (BZ#625058) All running instances of ImageMagick must be restarted for this update to take effect. last seen 2020-06-01 modified 2020-06-02 plugin id 60843 published 2012-08-01 reporter This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/60843 title Scientific Linux Security Update : ImageMagick on SL5.x i386/x86_64 NASL family Debian Local Security Checks NASL id DEBIAN_DSA-1903.NASL description Several vulnerabilities have been discovered in graphicsmagick, a collection of image processing tool, which can lead to the execution of arbitrary code, exposure of sensitive information or cause DoS. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2007-1667 Multiple integer overflows in XInitImage function in xwd.c for GraphicsMagick, allow user-assisted remote attackers to cause a denial of service (crash) or obtain sensitive information via crafted images with large or negative values that trigger a buffer overflow. It only affects the oldstable distribution (etch). - CVE-2007-1797 Multiple integer overflows allow remote attackers to execute arbitrary code via a crafted DCM image, or the colors or comments field in a crafted XWD image. It only affects the oldstable distribution (etch). - CVE-2007-4985 A crafted image file can trigger an infinite loop in the ReadDCMImage function or in the ReadXCFImage function. It only affects the oldstable distribution (etch). - CVE-2007-4986 Multiple integer overflows allow context-dependent attackers to execute arbitrary code via a crafted .dcm, .dib, .xbm, .xcf, or .xwd image file, which triggers a heap-based buffer overflow. It only affects the oldstable distribution (etch). - CVE-2007-4988 A sign extension error allows context-dependent attackers to execute arbitrary code via a crafted width value in an image file, which triggers an integer overflow and a heap-based buffer overflow. It affects only the oldstable distribution (etch). - CVE-2008-1096 The load_tile function in the XCF coder allows user-assisted remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted .xcf file that triggers an out-of-bounds heap write. It affects only oldstable (etch). - CVE-2008-3134 Multiple vulnerabilities in GraphicsMagick before 1.2.4 allow remote attackers to cause a denial of service (crash, infinite loop, or memory consumption) via vectors in the AVI, AVS, DCM, EPT, FITS, MTV, PALM, RLA, and TGA decoder readers; and the GetImageCharacteristics function in magick/image.c, as reachable from a crafted PNG, JPEG, BMP, or TIFF file. - CVE-2008-6070 Multiple heap-based buffer underflows in the ReadPALMImage function in coders/palm.c in GraphicsMagick before 1.2.3 allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted PALM image. - CVE-2008-6071 Heap-based buffer overflow in the DecodeImage function in coders/pict.c in GraphicsMagick before 1.1.14, and 1.2.x before 1.2.3, allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted PICT image. - CVE-2008-6072 Multiple vulnerabilities in GraphicsMagick allow remote attackers to cause a denial of service (crash) via vectors in XCF and CINEON images. - CVE-2008-6621 Vulnerability in GraphicsMagick allows remote attackers to cause a denial of service (crash) via vectors in DPX images. - CVE-2009-1882 Integer overflow allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TIFF file, which triggers a buffer overflow. last seen 2020-06-01 modified 2020-06-02 plugin id 44768 published 2010-02-24 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/44768 title Debian DSA-1903-1 : graphicsmagick - several vulnerabilities NASL family Fedora Local Security Checks NASL id FEDORA_2010-0036.NASL description - Mon Dec 28 2009 Rex Dieter <rdieter at fedoraproject.org> - 1.3.7-4 - CVE-2009-1882 (#503017) - Fri Dec 4 2009 Stepan Kasal <skasal at redhat.com> - 1.3.7-3 - rebuild against perl 5.10.1 - Fri Nov 6 2009 Rex Dieter <rdieter at fedoraproject.org> - 1.3.7-2 - cleanup/uncruftify .spec Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 47173 published 2010-07-01 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/47173 title Fedora 12 : GraphicsMagick-1.3.7-4.fc12 (2010-0036) NASL family SuSE Local Security Checks NASL id SUSE_11_IMAGEMAGICK-090604.NASL description This update of ImageMagick fixes an integer overflow in the XMakeImage() function that allowed remote attackers to cause a denial-of-service and possibly the execution of arbitrary code via a crafted TIFF file. (CVE-2009-1882) last seen 2020-06-01 modified 2020-06-02 plugin id 41350 published 2009-09-24 reporter This script is Copyright (C) 2009-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/41350 title SuSE 11 Security Update : ImageMagick (SAT Patch Number 963) NASL family CentOS Local Security Checks NASL id CENTOS_RHSA-2010-0652.NASL description Updated ImageMagick packages that fix one security issue and one bug are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. ImageMagick is an image display and manipulation tool for the X Window System that can read and write multiple image formats. An integer overflow flaw, leading to a heap-based buffer overflow, was found in the ImageMagick routine responsible for creating X11 images. An attacker could create a specially crafted image file that, when opened by a victim, would cause ImageMagick to crash or, potentially, execute arbitrary code. (CVE-2009-1882) This update also fixes the following bug : * previously, portions of certain RGB images on the right side were not rendered and left black when converting or displaying them. With this update, RGB images display correctly. (BZ#625058) Users of ImageMagick are advised to upgrade to these updated packages, which contain backported patches to correct these issues. All running instances of ImageMagick must be restarted for this update to take effect. last seen 2020-06-01 modified 2020-06-02 plugin id 48744 published 2010-08-26 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/48744 title CentOS 5 : ImageMagick (CESA-2010:0652) NASL family SuSE Local Security Checks NASL id SUSE_IMAGEMAGICK-6287.NASL description This update of ImageMagick fixes an integer overflow in the XMakeImage() function that allowed remote attackers to cause a denial-of-service and possibly the execution of arbitrary code via a crafted TIFF file. (CVE-2009-1882) last seen 2020-06-01 modified 2020-06-02 plugin id 39498 published 2009-06-24 reporter This script is Copyright (C) 2009-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/39498 title openSUSE 10 Security Update : ImageMagick (ImageMagick-6287) NASL family SuSE Local Security Checks NASL id SUSE_11_0_GRAPHICSMAGICK-090609.NASL description This update of GraphicsMagick fixes an integer overflow in the XMakeImage() function that allowed remote attackers to cause a denial-of-service and possibly the execution of arbitrary code via a crafted TIFF file. (CVE-2009-1882) last seen 2020-06-01 modified 2020-06-02 plugin id 39879 published 2009-07-21 reporter This script is Copyright (C) 2009-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/39879 title openSUSE Security Update : GraphicsMagick (GraphicsMagick-988) NASL family Scientific Linux Local Security Checks NASL id SL_20100825_IMAGEMAGICK_ON_SL4_X.NASL description An integer overflow flaw, leading to a heap-based buffer overflow, was found in the ImageMagick routine responsible for creating X11 images. An attacker could create a specially crafted image file that, when opened by a victim, would cause ImageMagick to crash or, potentially, execute arbitrary code. (CVE-2009-1882) All running instances of ImageMagick must be restarted for this update to take effect. last seen 2020-06-01 modified 2020-06-02 plugin id 60842 published 2012-08-01 reporter This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/60842 title Scientific Linux Security Update : ImageMagick on SL4.x i386/x86_64 NASL family Debian Local Security Checks NASL id DEBIAN_DSA-1858.NASL description Several vulnerabilities have been discovered in the imagemagick image manipulation programs which can lead to the execution of arbitrary code, exposure of sensitive information or cause DoS. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2007-1667 Multiple integer overflows in XInitImage function in xwd.c for ImageMagick, allow user-assisted remote attackers to cause a denial of service (crash) or obtain sensitive information via crafted images with large or negative values that trigger a buffer overflow. It only affects the oldstable distribution (etch). - CVE-2007-1797 Multiple integer overflows allow remote attackers to execute arbitrary code via a crafted DCM image, or the colors or comments field in a crafted XWD image. It only affects the oldstable distribution (etch). - CVE-2007-4985 A crafted image file can trigger an infinite loop in the ReadDCMImage function or in the ReadXCFImage function. It only affects the oldstable distribution (etch). - CVE-2007-4986 Multiple integer overflows allow context-dependent attackers to execute arbitrary code via a crafted .dcm, .dib, .xbm, .xcf, or .xwd image file, which triggers a heap-based buffer overflow. It only affects the oldstable distribution (etch). - CVE-2007-4987 Off-by-one error allows context-dependent attackers to execute arbitrary code via a crafted image file, which triggers the writing of a last seen 2020-06-01 modified 2020-06-02 plugin id 44723 published 2010-02-24 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/44723 title Debian DSA-1858-1 : imagemagick - multiple vulnerabilities NASL family SuSE Local Security Checks NASL id SUSE_IMAGEMAGICK-6284.NASL description This update of ImageMagick fixes an integer overflow in the XMakeImage() function that allowed remote attackers to cause a denial-of-service and possibly the execution of arbitrary code via a crafted TIFF file. (CVE-2009-1882) last seen 2020-06-01 modified 2020-06-02 plugin id 51682 published 2011-01-27 reporter This script is Copyright (C) 2011-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/51682 title SuSE 10 Security Update : ImageMagick.rpm (ZYPP Patch Number 6284) NASL family CentOS Local Security Checks NASL id CENTOS_RHSA-2010-0653.NASL description Updated ImageMagick packages that fix one security issue are now available for Red Hat Enterprise Linux 4. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. ImageMagick is an image display and manipulation tool for the X Window System that can read and write multiple image formats. An integer overflow flaw, leading to a heap-based buffer overflow, was found in the ImageMagick routine responsible for creating X11 images. An attacker could create a specially crafted image file that, when opened by a victim, would cause ImageMagick to crash or, potentially, execute arbitrary code. (CVE-2009-1882) Users of ImageMagick are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. All running instances of ImageMagick must be restarted for this update to take effect. last seen 2020-06-01 modified 2020-06-02 plugin id 48745 published 2010-08-26 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/48745 title CentOS 4 : ImageMagick (CESA-2010:0653) NASL family SuSE Local Security Checks NASL id SUSE_11_1_GRAPHICSMAGICK-090609.NASL description This update of GraphicsMagick fixes an integer overflow in the XMakeImage() function that allowed remote attackers to cause a denial-of-service and possibly the execution of arbitrary code via a crafted TIFF file. (CVE-2009-1882) last seen 2020-06-01 modified 2020-06-02 plugin id 40164 published 2009-07-21 reporter This script is Copyright (C) 2009-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/40164 title openSUSE Security Update : GraphicsMagick (GraphicsMagick-988) NASL family Mandriva Local Security Checks NASL id MANDRIVA_MDVSA-2009-260.NASL description A vulnerability has been found and corrected in ImageMagick, which could lead to integer overflow in the XMakeImage function in magick/xwindow.c, allowing remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TIFF file, which triggers a buffer overflow (CVE-2009-1882). This update fixes this vulnerability. Update : Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers last seen 2020-06-01 modified 2020-06-02 plugin id 42075 published 2009-10-09 reporter This script is Copyright (C) 2009-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/42075 title Mandriva Linux Security Advisory : imagemagick (MDVSA-2009:260-1) NASL family SuSE Local Security Checks NASL id SUSE_GRAPHICSMAGICK-6294.NASL description This update of GraphicsMagick fixes an integer overflow in the XMakeImage() function that allowed remote attackers to cause a denial-of-service and possibly the execution of arbitrary code via a crafted TIFF file. (CVE-2009-1882) last seen 2020-06-01 modified 2020-06-02 plugin id 39497 published 2009-06-24 reporter This script is Copyright (C) 2009-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/39497 title openSUSE 10 Security Update : GraphicsMagick (GraphicsMagick-6294) NASL family Fedora Local Security Checks NASL id FEDORA_2010-0001.NASL description - Mon Dec 28 2009 Rex Dieter <rdieter at fedoraproject.org> - 1.3.7-4 - CVE-2009-1882 (#503017) - Fri Dec 4 2009 Stepan Kasal <skasal at redhat.com> - 1.3.7-3 - rebuild against perl 5.10.1 - Fri Nov 6 2009 Rex Dieter <rdieter at fedoraproject.org> - 1.3.7-2 - cleanup/uncruftify .spec - Thu Sep 17 2009 Rex Dieter <rdieter at fedoraproject.org> - 1.3.7-1 - GraphicsMagick-1.3.7 - Mon Aug 3 2009 Ville Skytta <ville.skytta at iki.fi> - 1.3.6-2 - Use lzma-compressed upstream source tarball. - Wed Jul 29 2009 Rex Dieter <rdieter at fedoraproject.org> 1.3.6-1 - GraphicsMagick-1.3.6 - Fri Jul 24 2009 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.3.5-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild - Tue Jun 30 2009 Rex Dieter <rdieter at fedoraproject.org> - 1.3.5-1 - GraphicsMagick-1.3.5, ABI break (#487605) - --without-libgs (for now, per upstream advice) - BR: jasper-devel - Tue Jun 30 2009 Rex Dieter <rdieter at fedoraproject.org> - 1.1.15-1 - GraphicsMagick-1.1.15 - fix BuildRoot - multiarch conflicts in GraphicsMagick (#341381) - broken -L in GraphicsMagick.pc (#456466) - %files: track sonames Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 47171 published 2010-07-01 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/47171 title Fedora 11 : GraphicsMagick-1.3.7-4.fc11 (2010-0001) NASL family SuSE Local Security Checks NASL id SUSE_11_1_IMAGEMAGICK-090604.NASL description This update of ImageMagick fixes an integer overflow in the XMakeImage() function that allowed remote attackers to cause a denial-of-service and possibly the execution of arbitrary code via a crafted TIFF file. (CVE-2009-1882) last seen 2020-06-01 modified 2020-06-02 plugin id 40165 published 2009-07-21 reporter This script is Copyright (C) 2009-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/40165 title openSUSE Security Update : ImageMagick (ImageMagick-967) NASL family Ubuntu Local Security Checks NASL id UBUNTU_USN-784-1.NASL description It was discovered that ImageMagick did not properly verify the dimensions of TIFF files. If a user or automated system were tricked into opening a crafted TIFF file, an attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 39337 published 2009-06-09 reporter Ubuntu Security Notice (C) 2009-2019 Canonical, Inc. / NASL script (C) 2009-2018 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/39337 title Ubuntu 6.06 LTS / 8.04 LTS / 8.10 / 9.04 : imagemagick vulnerability (USN-784-1) NASL family Gentoo Local Security Checks NASL id GENTOO_GLSA-201006-03.NASL description The remote host is affected by the vulnerability described in GLSA-201006-03 (ImageMagick: User-assisted execution of arbitrary code) Tielei Wang has discovered that the XMakeImage() function in magick/xwindow.c is prone to an integer overflow, possibly leading to a buffer overflow. Impact : A remote attacker could entice a user to open a specially crafted image, possibly resulting in the remote execution of arbitrary code with the privileges of the user running the application, or a Denial of Service. Workaround : There is no known workaround at this time. last seen 2020-06-01 modified 2020-06-02 plugin id 46770 published 2010-06-02 reporter This script is Copyright (C) 2010-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/46770 title GLSA-201006-03 : ImageMagick: User-assisted execution of arbitrary code
Redhat
| advisories |
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| rpms |
|
References
- http://imagemagick.org/script/changelog.php
- http://lists.fedoraproject.org/pipermail/package-announce/2010-January/033766.html
- http://lists.fedoraproject.org/pipermail/package-announce/2010-January/033833.html
- http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html
- http://mirror1.smudge-it.co.uk/imagemagick/www/changelog.html
- http://osvdb.org/54729
- http://secunia.com/advisories/35216
- http://secunia.com/advisories/35382
- http://secunia.com/advisories/35685
- http://secunia.com/advisories/36260
- http://secunia.com/advisories/37959
- http://secunia.com/advisories/55721
- http://security.gentoo.org/glsa/glsa-201311-10.xml
- http://wiki.rpath.com/Advisories:rPSA-2010-0074
- http://www.debian.org/security/2009/dsa-1858
- http://www.openwall.com/lists/oss-security/2009/06/08/1
- http://www.securityfocus.com/archive/1/514516/100/0/threaded
- http://www.securityfocus.com/bid/35111
- http://www.vupen.com/english/advisories/2009/1449
- https://usn.ubuntu.com/784-1/