ImageMagick 6.x < 6.9.7-8 / 7.x < 7.0.4-8 Multiple DoS

This script is Copyright (C) 2017 Tenable Network Security, Inc.


Synopsis :

An application installed on the remote Windows host is affected by
multiple denial of service vulnerabilities.

Description :

The version of ImageMagick installed on the remote Windows host is 6.x
prior to 6.9.7-8 or 7.x prior to 7.0.4-8. It is, therefore, affected
by multiple denial of service vulnerabilities :

- A NULL pointer dereference flaw exists in the
ReadPSDChannel() function in coders/psd.c due to
improper handling of PSD files. An unauthenticated,
remote attacker can exploit this, by convincing a user
to open a specially crafted PSD file, to cause a denial
of service condition. (CVE-2017-6497)

- A flaw exists in Magick++/lib/Exception.cpp due to
improper handling of nested exceptions. An
unauthenticated, remote attacker can exploit this to
cause the application to consume excessive resources,
resulting in a denial of service condition.
(CVE-2017-6499)

- A NULL pointer dereference flaw exists in the
ReadXCFImage() function in coders/xcf.c due to improper
handling of XCF files. An unauthenticated, remote
attacker can exploit this, by convincing a user to open
a specially crafted XCF file, to cause a denial of
service condition. (CVE-2017-6501)

See also :

http://www.nessus.org/u?764ccdd1
http://www.nessus.org/u?47ca94a9
http://www.nessus.org/u?762e4c8b
http://www.nessus.org/u?07868ede

Solution :

Upgrade to ImageMagick version 6.9.7-8 / 7.0.4-8 or later. Note that
you may also need to manually uninstall the vulnerable version from
the system.

Risk factor :

Medium / CVSS Base Score : 4.3
(CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P)
CVSS Temporal Score : 3.2
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false

Family: Windows

Nessus Plugin ID: 97892 ()

Bugtraq ID: 96589
96590
96594

CVE ID: CVE-2017-6497
CVE-2017-6499
CVE-2017-6501

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now