ImageMagick 7.1.0-27 is vulnerable to Buffer Overflow.

An update of the ImageMagick package has been released.

The remote host is affected by the vulnerability described in GLSA-202405-02 (ImageMagick: Multiple Vulnerabilities)

  - A flaw was found in ImageMagick. The vulnerability occurs due to improper use of open functions and leads     to a denial of service. This flaw allows an attacker to crash the system. (CVE-2021-4219)

  - An integer overflow issue was discovered in ImageMagick's ExportIndexQuantum() function in     MagickCore/quantum-export.c. Function calls to GetPixelIndex() could result in values outside the range of     representable for the 'unsigned char'. When ImageMagick processes a crafted pdf file, this could lead to     an undefined behaviour or a crash. (CVE-2021-20224)

  - A heap-based-buffer-over-read flaw was found in ImageMagick's GetPixelAlpha() function of 'pixel-     accessor.h'. This vulnerability is triggered when an attacker passes a specially crafted Tagged Image File     Format (TIFF) image to convert it into a PICON file format. This issue can potentially lead to a denial of     service and information disclosure. (CVE-2022-0284)

  - A heap-buffer-overflow flaw was found in ImageMagick's PushShortPixel() function of quantum-private.h     file. This vulnerability is triggered when an attacker passes a specially crafted TIFF image file to     ImageMagick for conversion, potentially leading to a denial of service. (CVE-2022-1115)

  - In ImageMagick, a crafted file could trigger an assertion failure when a call to WriteImages was made in     MagickWand/operation.c, due to a NULL image list. This could potentially cause a denial of service. This     was fixed in upstream ImageMagick version 7.1.0-30. (CVE-2022-2719)

  - A heap buffer overflow issue was found in ImageMagick. When an application processes a malformed TIFF     file, it could lead to undefined behavior or a crash causing a denial of service. (CVE-2022-3213)

  - ImageMagick 7.1.0-27 is vulnerable to Buffer Overflow. (CVE-2022-28463)

  - A vulnerability was found in ImageMagick, causing an outside the range of representable values of type     'unsigned char' at coders/psd.c, when crafted or untrusted input is processed. This leads to a negative     impact to application availability or other problems related to undefined behavior. (CVE-2022-32545)

  - A vulnerability was found in ImageMagick, causing an outside the range of representable values of type     'unsigned long' at coders/pcl.c, when crafted or untrusted input is processed. This leads to a negative     impact to application availability or other problems related to undefined behavior. (CVE-2022-32546)

  - In ImageMagick, there is load of misaligned address for type 'double', which requires 8 byte alignment and     for type 'float', which requires 4 byte alignment at MagickCore/property.c. Whenever crafted or untrusted     input is processed by ImageMagick, this causes a negative impact to application availability or other     problems related to undefined behavior. (CVE-2022-32547)

  - ImageMagick 7.1.0-49 is vulnerable to Denial of Service. When it parses a PNG image (e.g., for resize),     the convert process could be left waiting for stdin input. (CVE-2022-44267)

  - ImageMagick 7.1.0-49 is vulnerable to Information Disclosure. When it parses a PNG image (e.g., for     resize), the resulting image could have embedded the content of an arbitrary. file (if the magick binary     has permissions to read it). (CVE-2022-44268)

  - A heap-based buffer overflow issue was discovered in ImageMagick's ImportMultiSpectralQuantum() function     in MagickCore/quantum-import.c. An attacker could pass specially crafted file to convert, triggering an     out-of-bounds read error, allowing an application to crash, resulting in a denial of service.
    (CVE-2023-1906)

  - A heap-based buffer overflow vulnerability was found in the ImageMagick package that can lead to the     application crashing. (CVE-2023-2157)

  - A heap use-after-free flaw was found in coders/bmp.c in ImageMagick. (CVE-2023-5341)

  - A vulnerability was found in ImageMagick. This security flaw ouccers as an undefined behaviors of casting     double to size_t in svg, mvg and other coders (recurring bugs of CVE-2022-32546). (CVE-2023-34151)

  - A vulnerability was found in ImageMagick. This security flaw causes a shell command injection     vulnerability via video:vsync or video:pixel-format options in VIDEO encoding/decoding. (CVE-2023-34153)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:4634-1 advisory.

  - ImageMagick before 7.0.8-54 has a heap-based buffer overflow in ReadPSInfo in coders/ps.c.
    (CVE-2019-17540)

  - Buffer Overflow vulnerability in WritePCXImage function in pcx.c in GraphicsMagick 1.4 allows remote     attackers to cause a denial of service via converting of crafted image file to pcx format.
    (CVE-2020-21679)

  - A divide-by-zero flaw was found in ImageMagick 6.9.11-57 and 7.0.10-57 in gem.c. This flaw allows an     attacker who submits a crafted file that is processed by ImageMagick to trigger undefined behavior through     a division by zero. The highest threat from this vulnerability is to system availability. (CVE-2021-20176)

  - An integer overflow issue was discovered in ImageMagick's ExportIndexQuantum() function in     MagickCore/quantum-export.c. Function calls to GetPixelIndex() could result in values outside the range of     representable for the 'unsigned char'. When ImageMagick processes a crafted pdf file, this could lead to     an undefined behaviour or a crash. (CVE-2021-20224)

  - A flaw was found in ImageMagick in coders/jp2.c. An attacker who submits a crafted file that is processed     by ImageMagick could trigger undefined behavior in the form of math division by zero. The highest threat     from this vulnerability is to system availability. (CVE-2021-20241)

  - A flaw was found in ImageMagick in MagickCore/resize.c. An attacker who submits a crafted file that is     processed by ImageMagick could trigger undefined behavior in the form of math division by zero. The     highest threat from this vulnerability is to system availability. (CVE-2021-20243)

  - A flaw was found in ImageMagick in MagickCore/visual-effects.c. An attacker who submits a crafted file     that is processed by ImageMagick could trigger undefined behavior in the form of math division by zero.
    The highest threat from this vulnerability is to system availability. (CVE-2021-20244)

  - A flaw was found in ImageMagick in MagickCore/resample.c. An attacker who submits a crafted file that is     processed by ImageMagick could trigger undefined behavior in the form of math division by zero. The     highest threat from this vulnerability is to system availability. (CVE-2021-20246)

  - A flaw was found in ImageMagick in versions before 7.0.11 and before 6.9.12, where a division by zero in     WaveImage() of MagickCore/visual-effects.c may trigger undefined behavior via a crafted image file     submitted to an application using ImageMagick. The highest threat from this vulnerability is to system     availability. (CVE-2021-20309)

  - A flaw was found in ImageMagick in versions before 7.0.11, where a division by zero in     sRGBTransformImage() in the MagickCore/colorspace.c may trigger undefined behavior via a crafted image     file that is submitted by an attacker processed by an application using ImageMagick. The highest threat     from this vulnerability is to system availability. (CVE-2021-20311)

  - A flaw was found in ImageMagick in versions 7.0.11, where an integer overflow in WriteTHUMBNAILImage of     coders/thumbnail.c may trigger undefined behavior via a crafted image file that is submitted by an     attacker and processed by an application using ImageMagick. The highest threat from this vulnerability is     to system availability. (CVE-2021-20312)

  - A flaw was found in ImageMagick in versions before 7.0.11. A potential cipher leak when the calculate     signatures in TransformSignature is possible. The highest threat from this vulnerability is to data     confidentiality. (CVE-2021-20313)

  - A heap-based-buffer-over-read flaw was found in ImageMagick's GetPixelAlpha() function of 'pixel-     accessor.h'. This vulnerability is triggered when an attacker passes a specially crafted Tagged Image File     Format (TIFF) image to convert it into a PICON file format. This issue can potentially lead to a denial of     service and information disclosure. (CVE-2022-0284)

  - In ImageMagick, a crafted file could trigger an assertion failure when a call to WriteImages was made in     MagickWand/operation.c, due to a NULL image list. This could potentially cause a denial of service. This     was fixed in upstream ImageMagick version 7.1.0-30. (CVE-2022-2719)

  - ImageMagick 7.1.0-27 is vulnerable to Buffer Overflow. (CVE-2022-28463)

  - A vulnerability was found in ImageMagick, causing an outside the range of representable values of type     'unsigned char' at coders/psd.c, when crafted or untrusted input is processed. This leads to a negative     impact to application availability or other problems related to undefined behavior. (CVE-2022-32545)

  - A vulnerability was found in ImageMagick, causing an outside the range of representable values of type     'unsigned long' at coders/pcl.c, when crafted or untrusted input is processed. This leads to a negative     impact to application availability or other problems related to undefined behavior. (CVE-2022-32546)

  - In ImageMagick, there is load of misaligned address for type 'double', which requires 8 byte alignment and     for type 'float', which requires 4 byte alignment at MagickCore/property.c. Whenever crafted or untrusted     input is processed by ImageMagick, this causes a negative impact to application availability or other     problems related to undefined behavior. (CVE-2022-32547)

  - ImageMagick 7.1.0-49 is vulnerable to Denial of Service. When it parses a PNG image (e.g., for resize),     the convert process could be left waiting for stdin input. (CVE-2022-44267)

  - ImageMagick 7.1.0-49 is vulnerable to Information Disclosure. When it parses a PNG image (e.g., for     resize), the resulting image could have embedded the content of an arbitrary. file (if the magick binary     has permissions to read it). (CVE-2022-44268)

  - A vulnerability was discovered in ImageMagick where a specially created SVG file loads itself and causes a     segmentation fault. This flaw allows a remote attacker to pass a specially crafted SVG file that leads to     a segmentation fault, generating many trash files in /tmp, resulting in a denial of service. When     ImageMagick crashes, it generates a lot of trash files. These trash files can be large if the SVG file     contains many render actions. In a denial of service attack, if a remote attacker uploads an SVG file of     size t, ImageMagick generates files of size 103*t. If an attacker uploads a 100M SVG, the server will     generate about 10G. (CVE-2023-1289)

  - A vulnerability was found in ImageMagick. This security flaw ouccers as an undefined behaviors of casting     double to size_t in svg, mvg and other coders (recurring bugs of CVE-2022-32546). (CVE-2023-34151)

  - A heap-based buffer overflow issue was found in ImageMagick's PushCharPixel() function in quantum-     private.h. This issue may allow a local attacker to trick the user into opening a specially crafted file,     triggering an out-of-bounds read error and allowing an application to crash, resulting in a denial of     service. (CVE-2023-3745)

  - A heap use-after-free flaw was found in coders/bmp.c in ImageMagick. (CVE-2023-5341)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Ubuntu 20.04 ESM / 22.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5736-2 advisory.

    USN-5736-1 fixed vulnerabilities in ImageMagick. This update provides the corresponding updates for Ubuntu     20.04 ESM and Ubuntu 22.04 ESM. One of the issues, CVE-2021-20224, only affected Ubuntu 20.04 ESM, while     CVE-2021-20245, CVE-2021-3574, CVE-2021-4219 and CVE-2022-1114 only affected Ubuntu 22.04 ESM.



Tenable has extracted the preceding description block directly from the Ubuntu security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Ubuntu 16.04 ESM / 18.04 ESM / 20.04 LTS / 22.04 ESM / 23.04 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6200-1 advisory.

    It was discovered that ImageMagick incorrectly handled the -authenticate option for password-protected     PDF files. An attacker could possibly use this issue to inject additional shell commands and perform     arbitrary code execution. This issue only affected Ubuntu 20.04 LTS. (CVE-2020-29599)

    It was discovered that ImageMagick incorrectly handled certain values when processing PDF files. If a user     or automated system using ImageMagick were tricked into opening a specially crafted PDF file, an attacker     could exploit this to cause a denial of service. This issue only affected Ubuntu 20.04 LTS.
    (CVE-2021-20224)

    Zhang Xiaohui discovered that ImageMagick incorrectly handled certain values when processing image data.
    If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an     attacker could exploit this to cause a denial of service. This issue only affected Ubuntu 20.04 LTS.
    (CVE-2021-20241, CVE-2021-20243)

    It was discovered that ImageMagick incorrectly handled certain values when processing visual effects based     image files. By tricking a user into opening a specially crafted image file, an attacker could crash the     application causing a denial of service. This issue only affected Ubuntu 20.04 LTS. (CVE-2021-20244,     CVE-2021-20309)

    It was discovered that ImageMagick incorrectly handled certain values when performing resampling     operations. By tricking a user into opening a specially crafted image file, an attacker could crash the     application causing a denial of service. This issue only affected Ubuntu 20.04 LTS. (CVE-2021-20246)

    It was discovered that ImageMagick incorrectly handled certain values when processing thumbnail image     data. By tricking a user into opening a specially crafted image file, an attacker could crash the     application causing a denial of service. This issue only affected Ubuntu 20.04 LTS. (CVE-2021-20312)

    It was discovered that ImageMagick incorrectly handled memory cleanup when performing certain     cryptographic operations. Under certain conditions sensitive cryptographic information could be disclosed.
    This issue only affected Ubuntu 20.04 LTS. (CVE-2021-20313)

    It was discovered that ImageMagick did not use the correct rights when specifically excluded by a module     policy. An attacker could use this issue to read and write certain restricted files. This issue only     affected Ubuntu 20.04 LTS. (CVE-2021-39212)

    It was discovered that ImageMagick incorrectly handled memory under certain circumstances. If a user were     tricked into opening a specially crafted image file, an attacker could possibly exploit this issue to     cause a denial of service or other unspecified impact. This issue only affected Ubuntu 20.04 LTS.
    (CVE-2022-28463, CVE-2022-32545, CVE-2022-32546, CVE-2022-32547)

    It was discovered that ImageMagick incorrectly handled memory under certain circumstances. If a user were     tricked into opening a specially crafted image file, an attacker could possibly exploit this issue to     cause a denial of service or other unspecified impact. This issue only affected Ubuntu 22.04 LTS, Ubuntu     22.10, and Ubuntu 23.04. (CVE-2021-3610, CVE-2023-1906, CVE-2023-3428)

    It was discovered that ImageMagick incorrectly handled certain values when processing specially crafted     SVG files. By tricking a user into opening a specially crafted SVG file, an attacker could crash the     application causing a denial of service. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS,     Ubuntu 22.10, and Ubuntu 23.04. (CVE-2023-1289)

    It was discovered that ImageMagick incorrectly handled memory under certain circumstances. If a user were     tricked into opening a specially crafted tiff file, an attacker could possibly exploit this issue to cause     a denial of service or other unspecified impact. This issue only affected Ubuntu 22.04 LTS, Ubuntu 22.10,     and Ubuntu 23.04. (CVE-2023-3195)

    It was discovered that ImageMagick incorrectly handled memory under certain circumstances. If a user were     tricked into opening a specially crafted image file, an attacker could possibly exploit this issue to     cause a denial of service or other unspecified impact. (CVE-2023-34151)

Tenable has extracted the preceding description block directly from the Ubuntu security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3429 advisory.

    - -------------------------------------------------------------------------     Debian LTS Advisory DLA-3429-1                debian-lts@lists.debian.org     https://www.debian.org/lts/security/                    Bastien Roucaries     May 21, 2023                                  https://wiki.debian.org/LTS
    - -------------------------------------------------------------------------

    Package        : imagemagick     Version        : 8:6.9.10.23+dfsg-2.1+deb10u5     CVE ID         : CVE-2021-20176 CVE-2021-20241 CVE-2021-20243 CVE-2021-20244                      CVE-2021-20245 CVE-2021-20246 CVE-2021-20309 CVE-2021-20312                      CVE-2021-20313 CVE-2021-39212 CVE-2022-28463 CVE-2022-32545                      CVE-2022-32546 CVE-2022-32547     Debian Bug     : 996588 1013282 1016442

    Multiple vulnerabilities were fixed in imagemagick, a software suite,     used for editing and manipulating digital images.

    CVE-2021-20176

        A divide by zero was found in gem.c file.

    CVE-2021-20241

        A divide by zero was found in  jp2 coder.

    CVE-2021-20243

        A divide by zero was found in dcm coder.

    CVE-2021-20244

        A divide by zero was found in fx.c.

    CVE-2021-20245

        A divide by zero was found in webp coder.

    CVE-2021-20246

        A divide by zero was found in resample.c.

    CVE-2021-20309

        A divide by zero was found in WaveImage.c

    CVE-2021-20312

        An integer overflow was found in WriteTHUMBNAILImage()         of coders/thumbnail.c

    CVE-2021-20313

        A potential cipher leak was found when the calculate         signatures in TransformSignature().

    CVE-2021-39212

        A policy bypass was found for postscript files.

    CVE-2022-28463

        A bufer overflow was found in  buffer overflow in cin coder.

    CVE-2022-32545

        A undefined behavior (conversion outside the range of         representable values of type 'unsigned char') was found in psd         file handling.

    CVE-2022-32546

        A undefined behavior (conversion outside the range of         representable values of type 'long') was found in pcl         file handling.

    CVE-2022-32547

        An unaligned access was found in property.c

    For Debian 10 buster, these problems have been fixed in version     8:6.9.10.23+dfsg-2.1+deb10u5.

    We recommend that you upgrade your imagemagick packages.

    For the detailed security status of imagemagick please refer to     its security tracker page at:
    https://security-tracker.debian.org/tracker/imagemagick

    Further information about Debian LTS security advisories, how to apply     these updates to your system and frequently asked questions can be     found at: https://wiki.debian.org/LTS

Tenable has extracted the preceding description block directly from the Debian security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The version of ImageMagick installed on the remote host is prior to 6.9.10.68-3.24. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2023-1696 advisory.

    An integer overflow issue was discovered in ImageMagick's ExportIndexQuantum() function in     MagickCore/quantum-export.c. Function calls to GetPixelIndex() could result in values outside the range of     representable for the 'unsigned char'. When ImageMagick processes a crafted pdf file, this could lead to     an undefined behaviour or a crash. (CVE-2021-20224)

    A vulnerability was found in ImageMagick. Memory leaks are detected when executing a crafted file with the     convert command, affecting availability. (CVE-2021-3574)

    A flaw was found in ImageMagick. The vulnerability occurs due to improper use of open functions and leads     to a denial of service. This flaw allows an attacker to crash the system. (CVE-2021-4219)

    ImageMagick 7.1.0-27 is vulnerable to Buffer Overflow. (CVE-2022-28463)

    A vulnerability was found in ImageMagick, causing an outside the range of representable values of type     'unsigned char' at coders/psd.c, when crafted or untrusted input is processed. This leads to a negative     impact to application availability or other problems related to undefined behavior. (CVE-2022-32545)

    A vulnerability was found in ImageMagick, causing an outside the range of representable values of type     'unsigned long' at coders/pcl.c, when crafted or untrusted input is processed. This leads to a negative     impact to application availability or other problems related to undefined behavior. (CVE-2022-32546)

    In ImageMagick, there is load of misaligned address for type 'double', which requires 8 byte alignment and     for type 'float', which requires 4 byte alignment at MagickCore/property.c. Whenever crafted or untrusted     input is processed by ImageMagick, this causes a negative impact to application availability or other     problems related to undefined behavior. (CVE-2022-32547)

    ImageMagick 7.1.0-49 is vulnerable to Denial of Service. When it parses a PNG image (e.g., for resize),     the convert process could be left waiting for stdin input. (CVE-2022-44267)

    ImageMagick 7.1.0-49 is vulnerable to Information Disclosure. When it parses a PNG image (e.g., for     resize), the resulting image could have embedded the content of an arbitrary. file (if the magick binary     has permissions to read it). (CVE-2022-44268)

Tenable has extracted the preceding description block directly from the tested product security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The version of ImageMagick installed on the remote host is prior to 6.9.10.68-6. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2023-1971 advisory.

    An integer overflow issue was discovered in ImageMagick's ExportIndexQuantum() function in     MagickCore/quantum-export.c. Function calls to GetPixelIndex() could result in values outside the range of     representable for the 'unsigned char'. When ImageMagick processes a crafted pdf file, this could lead to     an undefined behaviour or a crash. (CVE-2021-20224)

    A vulnerability was found in ImageMagick. Memory leaks are detected when executing a crafted file with the     convert command, affecting availability. (CVE-2021-3574)

    A flaw was found in ImageMagick. The vulnerability occurs due to improper use of open functions and leads     to a denial of service. This flaw allows an attacker to crash the system. (CVE-2021-4219)

    ImageMagick 7.1.0-27 is vulnerable to Buffer Overflow. (CVE-2022-28463)

    A vulnerability was found in ImageMagick, causing an outside the range of representable values of type     'unsigned char' at coders/psd.c, when crafted or untrusted input is processed. This leads to a negative     impact to application availability or other problems related to undefined behavior. (CVE-2022-32545)

    A vulnerability was found in ImageMagick, causing an outside the range of representable values of type     'unsigned long' at coders/pcl.c, when crafted or untrusted input is processed. This leads to a negative     impact to application availability or other problems related to undefined behavior. (CVE-2022-32546)

    In ImageMagick, there is load of misaligned address for type 'double', which requires 8 byte alignment and     for type 'float', which requires 4 byte alignment at MagickCore/property.c. Whenever crafted or untrusted     input is processed by ImageMagick, this causes a negative impact to application availability or other     problems related to undefined behavior. (CVE-2022-32547)

Tenable has extracted the preceding description block directly from the tested product security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Ubuntu 16.04 ESM / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5736-1 advisory.

    It was discovered that ImageMagick incorrectly handled certain values when processing PDF files. If a user     or automated system using ImageMagick were tricked into opening a specially crafted PDF file, an attacker     could exploit this to cause a denial of service. This issue only affected Ubuntu 14.04 ESM, Ubuntu 16.04     ESM and Ubuntu 18.04 LTS. (CVE-2021-20224)

    Zhang Xiaohui discovered that ImageMagick incorrectly handled certain values when processing image data.
    If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an     attacker could exploit this to cause a denial of service. This issue only affected Ubuntu 18.04 LTS and     Ubuntu 22.10. (CVE-2021-20241)

    Zhang Xiaohui discovered that ImageMagick incorrectly handled certain values when processing image data.
    If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an     attacker could exploit this to cause a denial of service. This issue only affected Ubuntu 14.04 ESM,     Ubuntu 18.04 LTS and Ubuntu 22.10. (CVE-2021-20243)

    It was discovered that ImageMagick incorrectly handled certain values when processing visual effects based     image files. By tricking a user into opening a specially crafted image file, an attacker could crash the     application causing a denial of service. This issue only affected Ubuntu 22.10. (CVE-2021-20244)

    It was discovered that ImageMagick could be made to divide by zero when processing crafted files. By     tricking a user into opening a specially crafted image file, an attacker could crash the application     causing a denial of service. This issue only affected Ubuntu 22.10. (CVE-2021-20245)

    It was discovered that ImageMagick incorrectly handled certain values when performing resampling     operations. By tricking a user into opening a specially crafted image file, an attacker could crash the     application causing a denial of service. This issue only affected Ubuntu 22.10. (CVE-2021-20246)

    It was discovered that ImageMagick incorrectly handled certain values when processing visual effects based     image files. By tricking a user into opening a specially crafted image file, an attacker could crash the     application causing a denial of service. This issue only affected Ubuntu 22.10. (CVE-2021-20309)

    It was discovered that ImageMagick incorrectly handled certain values when processing thumbnail image     data. By tricking a user into opening a specially crafted image file, an attacker could crash the     application causing a denial of service. This issue only affected Ubuntu 22.10. (CVE-2021-20312)

    It was discovered that ImageMagick incorrectly handled memory cleanup when performing certain     cryptographic operations. Under certain conditions sensitive cryptographic information could be disclosed.
    This issue only affected Ubuntu 22.10. (CVE-2021-20313)

    It was discovered that ImageMagick did not properly manage memory under certain circumstances. If a user     were tricked into opening a specially crafted file using the convert command, an attacker could possibly     use this issue to cause ImageMagick to crash, resulting in a denial of service. This issue only affected     Ubuntu 22.10. (CVE-2021-3574)

    It was discovered that ImageMagick did not use the correct rights when specifically excluded by a module     policy. An attacker could use this issue to read and write certain restricted files. This issue only     affected Ubuntu 22.10. (CVE-2021-39212)

    It was discovered that ImageMagick incorrectly handled certain values when processing specially crafted     SVG files. By tricking a user into opening a specially crafted SVG file, an attacker could crash the     application causing a denial of service. This issue only affected Ubuntu 22.10. (CVE-2021-4219)

    It was discovered that ImageMagick did not properly manage memory under certain circumstances. If a user     were tricked into opening a specially crafted DICOM file, an attacker could possibly use this issue to     cause ImageMagick to crash, resulting in a denial of servicei, or expose sensitive information. This issue     only affected Ubuntu 22.10. (CVE-2022-1114)

    It was discovered that ImageMagick incorrectly handled memory under certain circumstances. If a user were     tricked into opening a specially crafted image file, an attacker could possibly exploit this issue to     cause a denial of service or other unspecified impact. This issue only affected Ubuntu 22.10.
    (CVE-2022-28463)

    It was discovered that ImageMagick incorrectly handled certain values. If a user were tricked into     processing a specially crafted image file, an attacker could possibly exploit this issue to cause a denial     of service or other unspecified impact. This issue only affected Ubuntu 14.04 ESM, Ubuntu 18.04 LTS and     Ubuntu 22.10. (CVE-2022-32545, CVE-2022-32546)

    It was discovered that ImageMagick incorrectly handled memory under certain circumstances. If a user were     tricked into processing a specially crafted image file, an attacker could possibly exploit this issue to     cause a denial of service or other unspecified impact. This issue only affected Ubuntu 14.04 ESM, Ubuntu     18.04 LTS and Ubuntu 22.10. (CVE-2022-32547)

Tenable has extracted the preceding description block directly from the Ubuntu security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2998-1 advisory.

  - In ImageMagick, a crafted file could trigger an assertion failure when a call to WriteImages was made in     MagickWand/operation.c, due to a NULL image list. This could potentially cause a denial of service. This     was fixed in upstream ImageMagick version 7.1.0-30. (CVE-2022-2719)

  - ImageMagick 7.1.0-27 is vulnerable to Buffer Overflow. (CVE-2022-28463)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Ubuntu 16.04 ESM / 18.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-5456-1 advisory.

    It was discovered that ImageMagick incorrectly handled memory under certain circumstances. If a user were     tricked into opening a specially crafted image, an attacker could possibly exploit this issue to cause a     denial of service or other unspecified impact.

Tenable has extracted the preceding description block directly from the Ubuntu security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SLED12 / SLED_SAP12 / SLES12 / SLES_SAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:1885-1 advisory.

  - In GraphicsMagick, a heap buffer overflow was found when parsing MIFF. (CVE-2022-1270)

  - ImageMagick 7.1.0-27 is vulnerable to Buffer Overflow. (CVE-2022-28463)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2022:1762-1 advisory.

  - ImageMagick 7.1.0-27 is vulnerable to Buffer Overflow. (CVE-2022-28463)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Debian 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3007 advisory.

    CVE-2021-3596 A NULL pointer dereference flaw was found in ImageMagick in versions prior to 7.0.10-31 in     ReadSVGImage() in coders/svg.c. This issue is due to not checking the return value from libxml2's     xmlCreatePushParserCtxt() and uses the value directly, which leads to a crash and segmentation fault.
    CVE-2022-28463 ImageMagick is vulnerable to Buffer Overflow. For Debian 9 stretch, these problems have     been fixed in version 8:6.9.7.4+dfsg-11+deb9u14. We recommend that you upgrade your imagemagick packages.
    For the detailed security status of imagemagick please refer to its security tracker page at:
    https://security-tracker.debian.org/tracker/imagemagick Further information about Debian LTS security     advisories, how to apply these updates to your system and frequently asked questions can be found at:
    https://wiki.debian.org/LTS

Tenable has extracted the preceding description block directly from the Debian security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

ID	Name	Product	Family	Severity
203448	Photon OS 4.0: Imagemagick PHSA-2023-4.0-0402	Nessus	PhotonOS Local Security Checks	critical
194973	GLSA-202405-02 : ImageMagick: Multiple Vulnerabilities	Nessus	Gentoo Local Security Checks	high
186519	SUSE SLES15 Security Update : ImageMagick (SUSE-SU-2023:4634-1)	Nessus	SuSE Local Security Checks	high
183723	Ubuntu 20.04 ESM / 22.04 ESM : ImageMagick vulnerabilities (USN-5736-2)	Nessus	Ubuntu Local Security Checks	high
177934	Ubuntu 16.04 ESM / 18.04 ESM / 20.04 LTS / 22.04 ESM / 23.04 : ImageMagick vulnerabilities (USN-6200-1)	Nessus	Ubuntu Local Security Checks	high
176199	Debian dla-3429 : imagemagick - security update	Nessus	Debian Local Security Checks	high
172217	Amazon Linux AMI : ImageMagick (ALAS-2023-1696)	Nessus	Amazon Linux Local Security Checks	high
172168	Amazon Linux 2 : ImageMagick (ALAS-2023-1971)	Nessus	Amazon Linux Local Security Checks	high
168160	Ubuntu 16.04 ESM / 18.04 LTS : ImageMagick vulnerabilities (USN-5736-1)	Nessus	Ubuntu Local Security Checks	high
164659	SUSE SLED15 / SLES15 Security Update : ImageMagick (SUSE-SU-2022:2998-1)	Nessus	SuSE Local Security Checks	high
161759	Ubuntu 16.04 ESM / 18.04 LTS : ImageMagick vulnerability (USN-5456-1)	Nessus	Ubuntu Local Security Checks	high
161735	SUSE SLED12 / SLES12 Security Update : ImageMagick (SUSE-SU-2022:1885-1)	Nessus	SuSE Local Security Checks	high
161423	SUSE SLED15 / SLES15 Security Update : ImageMagick (SUSE-SU-2022:1762-1)	Nessus	SuSE Local Security Checks	high
161205	Debian DLA-3007-1 : imagemagick - LTS security update	Nessus	Debian Local Security Checks	high

Detections

Analytics

CVE-2022-28463

high

Tenable Plugins

critical

high

high

high

high

high

high

high

high

high

high

high

high

high