Vulnerabilities > CVE-2017-11532 - Missing Release of Resource after Effective Lifetime vulnerability in Imagemagick 7.0.61
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
PARTIAL Summary
When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Memory Leak in the WriteMPCImage() function in coders/mpc.c.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Common Weakness Enumeration (CWE)
Common Attack Pattern Enumeration and Classification (CAPEC)
- HTTP DoS An attacker performs flooding at the HTTP level to bring down only a particular web application rather than anything listening on a TCP/IP connection. This denial of service attack requires substantially fewer packets to be sent which makes DoS harder to detect. This is an equivalent of SYN flood in HTTP. The idea is to keep the HTTP session alive indefinitely and then repeat that hundreds of times. This attack targets resource depletion weaknesses in web server software. The web server will wait to attacker's responses on the initiated HTTP sessions while the connection threads are being exhausted.
Nessus
NASL family SuSE Local Security Checks NASL id SUSE_SU-2018-3808-1.NASL description This update for ImageMagick fixes the following issues : CVE-2017-14997: ImageMagick allowed remote attackers to cause a denial of service (excessive memory allocation) because of an integer underflow in ReadPICTImage in coders/pict.c. (bsc#1112399) CVE-2018-16644: A regression in the security fix for the pict coder was fixed (bsc#1107609) CVE-2017-11532: When ImageMagick processed a crafted file in convert, it could lead to a Memory Leak in the WriteMPCImage() function in coders/mpc.c. (bsc#1050129) CVE-2017-11639: A regression in the security fix in the cip coder was fixed (bsc#1050635) Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 119041 published 2018-11-20 reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/119041 title SUSE SLES11 Security Update : ImageMagick (SUSE-SU-2018:3808-1) NASL family SuSE Local Security Checks NASL id SUSE_SU-2018-3095-1.NASL description This update for ImageMagick fixes the following security issues : CVE-2017-11532: Prevent a memory leak vulnerability in the WriteMPCImage() function in coders/mpc.c via a crafted file allowing for DoS (bsc#1050129) CVE-2018-16750: Prevent memory leak in the formatIPTCfromBuffer function (bsc#1108283) CVE-2018-16749: Added missing NULL check in ReadOneJNGImage that allowed an attacker to cause a denial of service (WriteBlob assertion failure and application exit) via a crafted file (bsc#1108282) CVE-2018-16642: The function InsertRow allowed remote attackers to cause a denial of service via a crafted image file due to an out-of-bounds write (bsc#1107616) CVE-2018-16640: Prevent memory leak in the function ReadOneJNGImage (bsc#1107619) CVE-2018-16643: The functions ReadDCMImage, ReadPWPImage, ReadCALSImage, and ReadPICTImage did check the return value of the fputc function, which allowed remote attackers to cause a denial of service via a crafted image file (bsc#1107612) CVE-2018-16644: Added missing check for length in the functions ReadDCMImage and ReadPICTImage, which allowed remote attackers to cause a denial of service via a crafted image (bsc#1107609) CVE-2018-16645: Prevent excessive memory allocation issue in the functions ReadBMPImage and ReadDIBImage, which allowed remote attackers to cause a denial of service via a crafted image file (bsc#1107604) CVE-2018-16413: Prevent heap-based buffer over-read in the PushShortPixel function leading to DoS (bsc#1106989) This update also relaxes the restrictions of use of Postscript like formats to last seen 2020-06-01 modified 2020-06-02 plugin id 118078 published 2018-10-12 reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/118078 title SUSE SLED12 / SLES12 Security Update : ImageMagick (SUSE-SU-2018:3095-1) NASL family SuSE Local Security Checks NASL id OPENSUSE-2018-35.NASL description This update for GraphicsMagick fixes the following issues : Security issues fixed : - CVE-2017-12672: Memory leak vulnerability allowed DoS via MAT image files (bsc#1052720) - CVE-2017-13060: Memory leak vulnerability allowed DoS via MAT image files (bsc#1055065) - CVE-2017-12670: Specially crafted MAT images may lead to an assertion failure and DoS (bsc#1052731) - CVE-2017-10800: Specially crafted MAT images may lead to memory denial of service (bsc#1047044) - CVE-2017-13648: Memory leak vulnerability allowed DoS via MAT image files (bsc#1055434) - CVE-2017-12564: Memory leak vulnerability allowed DoS via MAT image files (bsc#1052468) - CVE-2017-12675: Memory leak vulnerability allowed DoS via MAT image files (bsc#1052710) - CVE-2017-14326: Memory leak vulnerability allowed DoS via MAT image files (bsc#1058640) - CVE-2017-17881: Memory leak vulnerability allowed DoS via MAT image files (bsc#1074123) - CVE-2017-11449: coders/mpc.c in ImageMagick before 7.0.6-1 remote denial of service (boo#1049373) - CVE-2017-11532: Memory Leak in WriteMPCImage() in coders/mpc.c (boo#1050129) - CVE-2017-16547: Incorrect memory management in DrawImage function in magick/render.c could lead to denial of service (boo#1067177) - CVE-2017-18022: Fixed memory leak vulnerability in MontageImageCommand in MagickWand/montage.c (bsc#1074975) - Memory leak in pwp.c (boo#1051412) last seen 2020-06-05 modified 2018-01-16 plugin id 106064 published 2018-01-16 reporter This script is Copyright (C) 2018-2020 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/106064 title openSUSE Security Update : GraphicsMagick (openSUSE-2018-35) NASL family SuSE Local Security Checks NASL id OPENSUSE-2018-1181.NASL description This update for ImageMagick fixes the following security issues : - CVE-2017-11532: Prevent a memory leak vulnerability in the WriteMPCImage() function in coders/mpc.c via a crafted file allowing for DoS (bsc#1050129) - CVE-2018-16750: Prevent memory leak in the formatIPTCfromBuffer function (bsc#1108283) - CVE-2018-16749: Added missing NULL check in ReadOneJNGImage that allowed an attacker to cause a denial of service (WriteBlob assertion failure and application exit) via a crafted file (bsc#1108282) - CVE-2018-16642: The function InsertRow allowed remote attackers to cause a denial of service via a crafted image file due to an out-of-bounds write (bsc#1107616) - CVE-2018-16640: Prevent memory leak in the function ReadOneJNGImage (bsc#1107619) - CVE-2018-16643: The functions ReadDCMImage, ReadPWPImage, ReadCALSImage, and ReadPICTImage did check the return value of the fputc function, which allowed remote attackers to cause a denial of service via a crafted image file (bsc#1107612) - CVE-2018-16644: Added missing check for length in the functions ReadDCMImage and ReadPICTImage, which allowed remote attackers to cause a denial of service via a crafted image (bsc#1107609) - CVE-2018-16645: Prevent excessive memory allocation issue in the functions ReadBMPImage and ReadDIBImage, which allowed remote attackers to cause a denial of service via a crafted image file (bsc#1107604) - CVE-2018-16413: Prevent heap-based buffer over-read in the PushShortPixel function leading to DoS (bsc#1106989) This update also relaxes the restrictions of use of Postscript like formats to last seen 2020-06-05 modified 2018-10-18 plugin id 118192 published 2018-10-18 reporter This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/118192 title openSUSE Security Update : ImageMagick (openSUSE-2018-1181) NASL family Debian Local Security Checks NASL id DEBIAN_DLA-1081.NASL description This updates fixes numerous vulnerabilities in imagemagick: Various memory handling problems and cases of missing or incomplete input sanitising may result in denial of service, memory disclosure or the execution of arbitrary code if malformed DPX, RLE, CIN, DIB, EPT, MAT, VST, PNG, JNG, MNG, DVJU, JPEG, TXT, PES, MPC, UIL, PS, PALM, CIP, TIFF, ICON, MAGICK, DCM, MSL, WMF, MIFF, PCX, SUN, PSD, MVG, PWP, PICT, PDB, SFW, or XCF files are processed. For Debian 7 last seen 2020-03-17 modified 2017-09-01 plugin id 102889 published 2017-09-01 reporter This script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/102889 title Debian DLA-1081-1 : imagemagick security update