http://git.imagemagick.org/repos/ImageMagick/commit/70a2cf326ed32bedee144b961005c63846541a16

[oss-security] 20160602 Re: ImageMagick CVEs

http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html

91018

RHSA-2016:1237

[debian-lts-announce] 20180803 [SECURITY] [DLA 1456-1] graphicsmagick security update

Various vulnerabilities were discovered in graphicsmagick, a collection of image processing tools and associated libraries, resulting in denial of service, information disclosure, and a variety of buffer overflows and overreads.

For Debian 8 'Jessie', these problems have been fixed in version 1.3.20-3+deb8u4.

We recommend that you upgrade your graphicsmagick packages.

NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

According to the versions of the ImageMagick packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :

  - It was discovered that ImageMagick did not properly     sanitize certain input before using it to invoke     processes. A remote attacker could create a specially     crafted image that, when processed by an application     using ImageMagick or an unsuspecting user using the     ImageMagick utilities, would lead to arbitrary     execution of shell commands with the privileges of the     user running the application.(CVE-2016-5118)

  - It was discovered that ImageMagick did not properly     sanitize certain input before passing it to the gnuplot     delegate functionality. A remote attacker could create     a specially crafted image that, when processed by an     application using ImageMagick or an unsuspecting user     using the ImageMagick utilities, would lead to     arbitrary execution of shell commands with the     privileges of the user running the application.
    (CVE-2016-5239)

  - Multiple flaws have been discovered in ImageMagick. A     remote attacker could, for example, create specially     crafted images that, when processed by an application     using ImageMagick or an unsuspecting user using the     ImageMagick utilities, would result in a memory     corruption and, potentially, execution of arbitrary     code, a denial of service, or an application crash.
    (CVE-2015-8896, CVE-2015-8895, CVE-2016-5240,     CVE-2015-8897, CVE-2015-8898)

Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

It was discovered that ImageMagick did not properly sanitize certain input before using it to invoke processes. A remote attacker could create a specially crafted image that, when processed by an application using ImageMagick or an unsuspecting user using the ImageMagick utilities, would lead to arbitrary execution of shell commands with the privileges of the user running the application.
(CVE-2016-5118)

It was discovered that ImageMagick did not properly sanitize certain input before passing it to the gnuplot delegate functionality. A remote attacker could create a specially crafted image that, when processed by an application using ImageMagick or an unsuspecting user using the ImageMagick utilities, would lead to arbitrary execution of shell commands with the privileges of the user running the application. (CVE-2016-5239)

Multiple flaws have been discovered in ImageMagick. A remote attacker could, for example, create specially crafted images that, when processed by an application using ImageMagick or an unsuspecting user using the ImageMagick utilities, would result in a memory corruption and, potentially, execution of arbitrary code, a denial of service, or an application crash. (CVE-2015-8896 , CVE-2015-8895 , CVE-2016-5240 , CVE-2015-8897 , CVE-2015-8898)

Security Fix(es) :

  - It was discovered that ImageMagick did not properly     sanitize certain input before using it to invoke     processes. A remote attacker could create a specially     crafted image that, when processed by an application     using ImageMagick or an unsuspecting user using the     ImageMagick utilities, would lead to arbitrary execution     of shell commands with the privileges of the user     running the application. (CVE-2016-5118)

  - It was discovered that ImageMagick did not properly     sanitize certain input before passing it to the gnuplot     delegate functionality. A remote attacker could create a     specially crafted image that, when processed by an     application using ImageMagick or an unsuspecting user     using the ImageMagick utilities, would lead to arbitrary     execution of shell commands with the privileges of the     user running the application. (CVE-2016-5239)

  - Multiple flaws have been discovered in ImageMagick. A     remote attacker could, for example, create specially     crafted images that, when processed by an application     using ImageMagick or an unsuspecting user using the     ImageMagick utilities, would result in a memory     corruption and, potentially, execution of arbitrary     code, a denial of service, or an application crash.
    (CVE-2015-8896, CVE-2015-8895, CVE-2016-5240,     CVE-2015-8897, CVE-2015-8898)

An update for ImageMagick is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

[Updated 18 July 2016] This advisory has been updated to push packages into the Red Hat Enterprise Linux 6 Desktop channels. The packages included in this revised update have not been changed in any way from the packages included in the original advisory.

ImageMagick is an image display and manipulation tool for the X Window System that can read and write multiple image formats.

Security Fix(es) :

* It was discovered that ImageMagick did not properly sanitize certain input before using it to invoke processes. A remote attacker could create a specially crafted image that, when processed by an application using ImageMagick or an unsuspecting user using the ImageMagick utilities, would lead to arbitrary execution of shell commands with the privileges of the user running the application.
(CVE-2016-5118)

* It was discovered that ImageMagick did not properly sanitize certain input before passing it to the gnuplot delegate functionality. A remote attacker could create a specially crafted image that, when processed by an application using ImageMagick or an unsuspecting user using the ImageMagick utilities, would lead to arbitrary execution of shell commands with the privileges of the user running the application. (CVE-2016-5239)

* Multiple flaws have been discovered in ImageMagick. A remote attacker could, for example, create specially crafted images that, when processed by an application using ImageMagick or an unsuspecting user using the ImageMagick utilities, would result in a memory corruption and, potentially, execution of arbitrary code, a denial of service, or an application crash. (CVE-2015-8896, CVE-2015-8895, CVE-2016-5240, CVE-2015-8897, CVE-2015-8898)

From Red Hat Security Advisory 2016:1237 :

An update for ImageMagick is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

[Updated 18 July 2016] This advisory has been updated to push packages into the Red Hat Enterprise Linux 6 Desktop channels. The packages included in this revised update have not been changed in any way from the packages included in the original advisory.

ImageMagick is an image display and manipulation tool for the X Window System that can read and write multiple image formats.

Security Fix(es) :

* It was discovered that ImageMagick did not properly sanitize certain input before using it to invoke processes. A remote attacker could create a specially crafted image that, when processed by an application using ImageMagick or an unsuspecting user using the ImageMagick utilities, would lead to arbitrary execution of shell commands with the privileges of the user running the application.
(CVE-2016-5118)

* It was discovered that ImageMagick did not properly sanitize certain input before passing it to the gnuplot delegate functionality. A remote attacker could create a specially crafted image that, when processed by an application using ImageMagick or an unsuspecting user using the ImageMagick utilities, would lead to arbitrary execution of shell commands with the privileges of the user running the application. (CVE-2016-5239)

* Multiple flaws have been discovered in ImageMagick. A remote attacker could, for example, create specially crafted images that, when processed by an application using ImageMagick or an unsuspecting user using the ImageMagick utilities, would result in a memory corruption and, potentially, execution of arbitrary code, a denial of service, or an application crash. (CVE-2015-8896, CVE-2015-8895, CVE-2016-5240, CVE-2015-8897, CVE-2015-8898)

ID	Name	Product	Family	Severity
111520	Debian DLA-1456-1 : graphicsmagick security update	Nessus	Debian Local Security Checks	critical
99792	EulerOS 2.0 SP1 : ImageMagick (EulerOS-SA-2016-1029)	Nessus	Huawei Local Security Checks	critical
91768	Amazon Linux AMI : ImageMagick (ALAS-2016-716)	Nessus	Amazon Linux Local Security Checks	critical
91712	Scientific Linux Security Update : ImageMagick on SL6.x, SL7.x i386/x86_64 (20160617)	Nessus	Scientific Linux Local Security Checks	critical
91642	RHEL 6 / 7 : ImageMagick (RHSA-2016:1237)	Nessus	Red Hat Local Security Checks	critical
91641	Oracle Linux 6 / 7 : ImageMagick (ELSA-2016-1237)	Nessus	Oracle Linux Local Security Checks	critical
91636	CentOS 6 / 7 : ImageMagick (CESA-2016:1237)	Nessus	CentOS Local Security Checks	critical

CVE-2016-5239

CRITICAL

New! CVE Severity Now Using CVSS v3

Description

References

Details

Risk Information

CVSS v2

CVSS v3

Vulnerable Software

Configuration 1

Tenable Plugins

critical

critical

critical

critical

critical

critical

critical