ImageMagick < 6.7.8-8 gif.c Memory Corruption

medium Nessus Plugin ID 70739

Synopsis

The remote Windows host contains an application that is affected by a memory corruption vulnerability.

Description

The remote Windows host is running a version of ImageMagick prior to 6.7.8-8. It is, therefore, affected by a memory corruption vulnerability in 'gif.c' that occurs while processing GIF comments, because a null character is used to terminate comments. Exploitation of this issue could result in a denial of service or arbitrary code execution. The fix replaces the raw memory handling with the 'ConcatenateString' function.

Solution

Upgrade to ImageMagick 6.7.8-8 or later.

Note that you may need to manually uninstall the vulnerable version from the system.

See Also

http://www.imagemagick.org/script/changelog.php

https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1218248

http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=23921

https://seclists.org/oss-sec/2013/q3/532

http://www.imagemagick.org/discourse-server/viewtopic.php?f=4&t=24081

Plugin Details

Severity: Medium

ID: 70739

File Name: imagemagick_6_7_8_8.nasl

Version: 1.8

Type: local

Agent: windows

Family: Windows

Published: 11/4/2013

Updated: 7/7/2023

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 4.4

CVSS v2

Risk Factor: Medium

Base Score: 4.3

Temporal Score: 3.2

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P

CVSS Score Source: CVE-2013-4298

Vulnerability Information

CPE: cpe:/a:imagemagick:imagemagick

Required KB Items: installed_sw/ImageMagick

Exploit Ease: No known exploits are available

Patch Publication Date: 8/5/2012

Vulnerability Publication Date: 8/15/2013

Reference Information

CVE: CVE-2013-4298

BID: 62080