Vulnerabilities > CVE-2015-8959 - Resource Management Errors vulnerability in Imagemagick

047910
CVSS 6.5 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
HIGH
network
low complexity
imagemagick
CWE-399
nessus

Summary

coders/dds.c in ImageMagick before 6.9.0-4 Beta allows remote attackers to cause a denial of service (CPU consumption) via a crafted DDS file.

Vulnerable Configurations

Part Description Count
Application
Imagemagick
789

Common Weakness Enumeration (CWE)

Nessus

  • NASL familyHuawei Local Security Checks
    NASL idEULEROS_SA-2017-1116.NASL
    descriptionAccording to the versions of the ImageMagick packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - coders/dds.c in ImageMagick before 6.9.0-4 Beta allows remote attackers to cause a denial of service (CPU consumption) via a crafted DDS file.i1/4^CVE-2015-8959i1/4%0 - coders/tiff.c in ImageMagick before 6.9.5-3 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TIFF file.i1/4^CVE-2016-5010i1/4%0 - The ReadPSDImage function in MagickCore/locale.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PSD file.i1/4^CVE-2016-7522i1/4%0 - coders/psd.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PSD file.i1/4^CVE-2016-7532i1/4%0 - coders/psd.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted PSD file.i1/4^CVE-2016-7535i1/4%0 - MagickCore/memory.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds access) via a crafted PDB file.i1/4^CVE-2016-7537i1/4%0 - coders/psd.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted file.i1/4^CVE-2016-7538i1/4%0 Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-05-06
    modified2017-07-21
    plugin id101849
    published2017-07-21
    reporterThis script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/101849
    titleEulerOS 2.0 SP1 : ImageMagick (EulerOS-SA-2017-1116)
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2016-1282.NASL
    descriptionThis update for ImageMagick fixes the following issues: These vulnerabilities could be triggered by processing specially crafted image files, which could lead to a process crash or resource consumtion, or potentially have unspecified futher impact. - CVE-2016-8684: Mismatch between real filesize and header values (bsc#1005123) - CVE-2016-8683: Check that filesize is reasonable compared to the header value (bsc#1005127) - CVE-2016-8682: Stack-buffer read overflow while reading SCT header (bsc#1005125) - CVE-2016-8677: Memory allocation failure in AcquireQuantumPixels (bsc#1005328) - CVE-2016-7996, CVE-2016-7997: WPG Reader Issues (bsc#1003629) - CVE-2016-7800: 8BIM/8BIMW unsigned underflow leads to heap overflow (bsc#1002422) - CVE-2016-7799: mogrify global buffer overflow (bsc#1002421) - CVE-2016-7540: writing to RGF format aborts (bsc#1000394) - CVE-2016-7539: Potential DOS by not releasing memory (bsc#1000715) - CVE-2016-7538: SIGABRT for corrupted pdb file (bsc#1000712) - CVE-2016-7537: Out of bound access for corrupted pdb file (bsc#1000711) - CVE-2016-7535: Out of bound access for corrupted psd file (bsc#1000709) - CVE-2016-7534: Out of bound access in generic decoder (bsc#1000708) - CVE-2016-7533: Wpg file out of bound for corrupted file (bsc#1000707) - CVE-2016-7532: fix handling of corrupted psd file (bsc#1000706) - CVE-2016-7531: Pbd file out of bound access (bsc#1000704) - CVE-2016-7530: Out of bound in quantum handling (bsc#1000703) - CVE-2016-7529: Out-of-bound in quantum handling (bsc#1000399) - CVE-2016-7528: Out-of-bound access in xcf file coder (bsc#1000434) - CVE-2016-7527: Out-of-bound access in wpg file coder: (bsc#1000436) - CVE-2016-7526: out-of-bounds write in ./MagickCore/pixel-accessor.h (bsc#1000702) - CVE-2016-7525: Heap buffer overflow in psd file coder (bsc#1000701) - CVE-2016-7524: AddressSanitizer:heap-buffer-overflow READ of size 1 in meta.c:465 (bsc#1000700) - CVE-2016-7523: AddressSanitizer:heap-buffer-overflow READ of size 1 meta.c:496 (bsc#1000699) - CVE-2016-7522: Out of bound access for malformed psd file (bsc#1000698) - CVE-2016-7521: Heap buffer overflow in psd file handling (bsc#1000697) - CVE-2016-7520: Heap overflow in hdr file handling (bsc#1000696) - CVE-2016-7519: Out-of-bounds read in coders/rle.c (bsc#1000695) - CVE-2016-7518: Out-of-bounds read in coders/sun.c (bsc#1000694) - CVE-2016-7517: Out-of-bounds read in coders/pict.c (bsc#1000693) - CVE-2016-7516: Out-of-bounds problem in rle, pict, viff and sun files (bsc#1000692) - CVE-2016-7515: Rle file handling for corrupted file (bsc#1000689) - CVE-2016-7514: Out-of-bounds read in coders/psd.c (bsc#1000688) - CVE-2016-7513: Off-by-one error leading to segfault (bsc#1000686) - CVE-2016-7101: raphicsMagick: SGI Coder Out-Of-Bounds Read Vulnerability (bsc#1001221) - CVE-2016-6823: raphicsMagick: BMP Coder Out-Of-Bounds Write Vulnerability (bsc#1001066) - CVE-2015-8959: dOS due to corrupted DDS files (bsc#1000713) - CVE-2015-8958: Potential DOS in sun file handling due to malformed files (bsc#1000691) - CVE-2015-8957: Buffer overflow in sun file handling (bsc#1000690) - CVE-2014-9907: DOS due to corrupted DDS files (bsc#1000714) - Buffer overflows in SIXEL, PDB, MAP, and TIFF coders (bsc#1002209) - Divide by zero in WriteTIFFImage (bsc#1002206) This update was imported from the SUSE:SLE-12:Update update project.
    last seen2020-06-05
    modified2016-11-14
    plugin id94754
    published2016-11-14
    reporterThis script is Copyright (C) 2016-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/94754
    titleopenSUSE Security Update : ImageMagick (openSUSE-2016-1282)
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-3131-1.NASL
    descriptionIt was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service or possibly execute code with the privileges of the user invoking the program. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id95053
    published2016-11-22
    reporterUbuntu Security Notice (C) 2016-2019 Canonical, Inc. / NASL script (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/95053
    titleUbuntu 12.04 LTS / 14.04 LTS / 16.04 LTS / 16.10 : imagemagick vulnerabilities (USN-3131-1)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2016-2667-1.NASL
    descriptionThis update for ImageMagick fixes the following issues: These vulnerabilities could be triggered by processing specially crafted image files, which could lead to a process crash or resource consumtion, or potentially have unspecified futher impact. - CVE-2016-8684: Mismatch between real filesize and header values (bsc#1005123) - CVE-2016-8683: Check that filesize is reasonable compared to the header value (bsc#1005127) - CVE-2016-8682: Stack-buffer read overflow while reading SCT header (bsc#1005125) - CVE-2016-8677: Memory allocation failure in AcquireQuantumPixels (bsc#1005328) - CVE-2016-7996, CVE-2016-7997: WPG Reader Issues (bsc#1003629) - CVE-2016-7800: 8BIM/8BIMW unsigned underflow leads to heap overflow (bsc#1002422) - CVE-2016-7799: mogrify global buffer overflow (bsc#1002421) - CVE-2016-7540: writing to RGF format aborts (bsc#1000394) - CVE-2016-7539: Potential DOS by not releasing memory (bsc#1000715) - CVE-2016-7538: SIGABRT for corrupted pdb file (bsc#1000712) - CVE-2016-7537: Out of bound access for corrupted pdb file (bsc#1000711) - CVE-2016-7535: Out of bound access for corrupted psd file (bsc#1000709) - CVE-2016-7534: Out of bound access in generic decoder (bsc#1000708) - CVE-2016-7533: Wpg file out of bound for corrupted file (bsc#1000707) - CVE-2016-7532: fix handling of corrupted psd file (bsc#1000706) - CVE-2016-7531: Pbd file out of bound access (bsc#1000704) - CVE-2016-7530: Out of bound in quantum handling (bsc#1000703) - CVE-2016-7529: Out-of-bound in quantum handling (bsc#1000399) - CVE-2016-7528: Out-of-bound access in xcf file coder (bsc#1000434) - CVE-2016-7527: Out-of-bound access in wpg file coder: (bsc#1000436) - CVE-2016-7526: out-of-bounds write in ./MagickCore/pixel-accessor.h (bsc#1000702) - CVE-2016-7525: Heap buffer overflow in psd file coder (bsc#1000701) - CVE-2016-7524: AddressSanitizer:heap-buffer-overflow READ of size 1 in meta.c:465 (bsc#1000700) - CVE-2016-7523: AddressSanitizer:heap-buffer-overflow READ of size 1 meta.c:496 (bsc#1000699) - CVE-2016-7522: Out of bound access for malformed psd file (bsc#1000698) - CVE-2016-7521: Heap buffer overflow in psd file handling (bsc#1000697) - CVE-2016-7520: Heap overflow in hdr file handling (bsc#1000696) - CVE-2016-7519: Out-of-bounds read in coders/rle.c (bsc#1000695) - CVE-2016-7518: Out-of-bounds read in coders/sun.c (bsc#1000694) - CVE-2016-7517: Out-of-bounds read in coders/pict.c (bsc#1000693) - CVE-2016-7516: Out-of-bounds problem in rle, pict, viff and sun files (bsc#1000692) - CVE-2016-7515: Rle file handling for corrupted file (bsc#1000689) - CVE-2016-7514: Out-of-bounds read in coders/psd.c (bsc#1000688) - CVE-2016-7513: Off-by-one error leading to segfault (bsc#1000686) - CVE-2016-7101: raphicsMagick: SGI Coder Out-Of-Bounds Read Vulnerability (bsc#1001221) - CVE-2016-6823: raphicsMagick: BMP Coder Out-Of-Bounds Write Vulnerability (bsc#1001066) - CVE-2015-8959: dOS due to corrupted DDS files (bsc#1000713) - CVE-2015-8958: Potential DOS in sun file handling due to malformed files (bsc#1000691) - CVE-2015-8957: Buffer overflow in sun file handling (bsc#1000690) - CVE-2014-9907: DOS due to corrupted DDS files (bsc#1000714) - Buffer overflows in SIXEL, PDB, MAP, and TIFF coders (bsc#1002209) - Divide by zero in WriteTIFFImage (bsc#1002206) Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id94433
    published2016-10-31
    reporterThis script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/94433
    titleSUSE SLED12 / SLES12 Security Update : ImageMagick (SUSE-SU-2016:2667-1)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2016-2964-1.NASL
    descriptionThis update for ImageMagick fixes the following issues: These vulnerabilities could be triggered by processing specially crafted image files, which could lead to a process crash or resource consumtion, or potentially have unspecified futher impact. - CVE-2016-8862: Memory allocation failure in AcquireMagickMemory (bsc#1007245) - CVE-2014-9907: DOS due to corrupted DDS files (bsc#1000714) - CVE-2015-8959: DOS due to corrupted DDS files (bsc#1000713) - CVE-2016-7537: Out of bound access for corrupted pdb file (bsc#1000711) - CVE-2016-6823: BMP Coder Out-Of-Bounds Write Vulnerability (bsc#1001066) - CVE-2016-7514: Out-of-bounds read in coders/psd.c (bsc#1000688) - CVE-2016-7515: Rle file handling for corrupted file (bsc#1000689) - CVE-2016-7529: out of bound in quantum handling (bsc#1000399) - CVE-2016-7101: SGI Coder Out-Of-Bounds Read Vulnerability (bsc#1001221) - CVE-2016-7527: out of bound access in wpg file coder: (bsc#1000436) - CVE-2016-7996, CVE-2016-7997: WPG Reader Issues (bsc#1003629) - CVE-2016-7528: out of bound access in xcf file coder (bsc#1000434) - CVE-2016-8683: Check that filesize is reasonable compared to the header value (bsc#1005127) - CVE-2016-8682: Stack-buffer read overflow while reading SCT header (bsc#1005125) - CVE-2016-8684: Mismatch between real filesize and header values (bsc#1005123) - Buffer overflows in SIXEL, PDB, MAP, and TIFF coders (bsc#1002209) - CVE-2016-7525: Heap buffer overflow in psd file coder (bsc#1000701) - CVE-2016-7524: AddressSanitizer:heap-buffer-overflow READ of size 1 in meta.c:465 (bsc#1000700) - CVE-2016-7530: Out of bound in quantum handling (bsc#1000703) - CVE-2016-7531: Pbd file out of bound access (bsc#1000704) - CVE-2016-7533: Wpg file out of bound for corrupted file (bsc#1000707) - CVE-2016-7535: Out of bound access for corrupted psd file (bsc#1000709) - CVE-2016-7522: Out of bound access for malformed psd file (bsc#1000698) - CVE-2016-7517: out-of-bounds read in coders/pict.c (bsc#1000693) - CVE-2016-7516: Out of bounds problem in rle, pict, viff and sun files (bsc#1000692) - CVE-2015-8958: Potential DOS in sun file handling due to malformed files (bsc#1000691) - CVE-2015-8957: Buffer overflow in sun file handling (bsc#1000690) - CVE-2016-7519: out-of-bounds read in coders/rle.c (bsc#1000695) - CVE-2016-7518: out-of-bounds read in coders/sun.c (bsc#1000694) - CVE-2016-7800: 8BIM/8BIMW unsigned underflow leads to heap overflow (bsc#1002422) - CVE-2016-7523: AddressSanitizer:heap-buffer-overflow READ of size 1 meta.c:496 (bsc#1000699) - CVE-2016-7799: mogrify global buffer overflow (bsc#1002421) Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id95453
    published2016-12-01
    reporterThis script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/95453
    titleSUSE SLES11 Security Update : ImageMagick (SUSE-SU-2016:2964-1)
  • NASL familyHuawei Local Security Checks
    NASL idEULEROS_SA-2017-1112.NASL
    descriptionAccording to the versions of the ImageMagick packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - coders/dds.c in ImageMagick before 6.9.0-4 Beta allows remote attackers to cause a denial of service (CPU consumption) via a crafted DDS file.(CVE-2015-8959) - coders/tiff.c in ImageMagick before 6.9.5-3 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TIFF file.(CVE-2016-5010) - The ReadPSDImage function in MagickCore/locale.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PSD file.(CVE-2016-7522) - coders/psd.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted PSD file.(CVE-2016-7535) - MagickCore/memory.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds access) via a crafted PDB file.(CVE-2016-7537) - coders/psd.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted file.(CVE-2016-7538) - coders/psd.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PSD file.(CVE-2016-7532) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-05-06
    modified2017-06-16
    plugin id100814
    published2017-06-16
    reporterThis script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/100814
    titleEulerOS 2.0 SP2 : ImageMagick (EulerOS-SA-2017-1112)
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2016-1242.NASL
    descriptionThis update for ImageMagick fixes the following issues : - CVE-2016-8684: Mismatch between real filesize and header values (bsc#1005123) - CVE-2016-8683: Check that filesize is reasonable compared to the header value (bsc#1005127) - CVE-2016-8682: Stack-buffer read overflow while reading SCT header (bsc#1005125) - CVE-2016-8677: Memory allocation failure in AcquireQuantumPixels (bsc#1005328) - CVE-2016-7996, CVE-2016-7997: WPG Reader Issues (bsc#1003629) - CVE-2016-7800: 8BIM/8BIMW unsigned underflow leads to heap overflow (bsc#1002422) - CVE-2016-7799: Mogrify global buffer overflow (bsc#1002421) - CVE-2016-7540: Writing to RGF format aborts (bsc#1000394) - CVE-2016-7539: Potential DOS by not releasing memory (bsc#1000715) - CVE-2016-7538: SIGABRT for corrupted pdb file (bsc#1000712) - CVE-2016-7537: Out of bound access for corrupted pdb file (bsc#1000711) - CVE-2016-7536: SEGV reported in corrupted profile handling (bsc#1000710) - CVE-2016-7535: Out of bound access for corrupted psd file (bsc#1000709) - CVE-2016-7534: Out of bound access in generic decoder (bsc#1000708) - CVE-2016-7533: Wpg file out of bound for corrupted file (bsc#1000707) - CVE-2016-7532: Fix handling of corrupted psd file (bsc#1000706) - CVE-2016-7531: Pbd file out of bound access (bsc#1000704) - CVE-2016-7530: Out of bound in quantum handling (bsc#1000703) - CVE-2016-7529: Out of bound in quantum handling (bsc#1000399) - CVE-2016-7528: Out of bound access in xcf file coder (bsc#1000434) - CVE-2016-7527: Out of bound access in wpg file coder: (bsc#1000436) - CVE-2016-7525: Heap buffer overflow in psd file coder (bsc#1000701) - CVE-2016-7524: AddressSanitizer:heap-buffer-overflow READ of size 1 in meta.c:465 (bsc#1000700) - CVE-2016-7523: AddressSanitizer:heap-buffer-overflow READ of size 1 meta.c:496 (bsc#1000699) - CVE-2016-7522: Out of bound access for malformed psd file (bsc#1000698) - CVE-2016-7521: Heap buffer overflow in psd file handling (bsc#1000697) - CVE-2016-7520: Heap overflow in hdr file handling (bsc#1000696) - CVE-2016-7519: Out-of-bounds read in coders/rle.c (bsc#1000695) - CVE-2016-7518: Out-of-bounds read in coders/sun.c (bsc#1000694) - CVE-2016-7517: Out-of-bounds read in coders/pict.c (bsc#1000693) - CVE-2016-7516: Out of bounds problem in rle, pict, viff and sun files (bsc#1000692) - CVE-2016-7515: Rle file handling for corrupted file (bsc#1000689) - CVE-2016-7514: Out-of-bounds read in coders/psd.c (bsc#1000688) - CVE-2016-7513: Off-by-one error leading to segfault (bsc#1000686) - CVE-2016-7101: SGI Coder Out-Of-Bounds Read Vulnerability (bsc#1001221) - CVE-2016-6823: BMP Coder Out-Of-Bounds Write Vulnerability (bsc#1001066) - CVE-2015-8959: DOS due to corrupted DDS files (bsc#1000713) - CVE-2015-8958: Potential DOS in sun file handling due to malformed files (bsc#1000691) - CVE-2015-8957: Buffer overflow in sun file handling (bsc#1000690) - CVE-2014-9907: DOS due to corrupted DDS files (bsc#1000714) - Divide by zero in WriteTIFFImage (bsc#1002206) - Buffer overflows in SIXEL, PDB, MAP, and TIFF coders (bsc#1002209)
    last seen2020-06-05
    modified2016-10-31
    plugin id94425
    published2016-10-31
    reporterThis script is Copyright (C) 2016-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/94425
    titleopenSUSE Security Update : ImageMagick (openSUSE-2016-1242)
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DSA-3652.NASL
    descriptionThis updates fixes many vulnerabilities in imagemagick: Various memory handling problems and cases of missing or incomplete input sanitising may result in denial of service or the execution of arbitrary code if malformed TIFF, WPG, RLE, RAW, PSD, Sun, PICT, VIFF, HDR, Meta, Quantum, PDB, DDS, DCM, EXIF, RGF or BMP files are processed.
    last seen2020-06-01
    modified2020-06-02
    plugin id93115
    published2016-08-26
    reporterThis script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/93115
    titleDebian DSA-3652-1 : imagemagick - security update