SB2017122214 - openSUSE update for ImageMagick 

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2017122214

SB2017122214 - openSUSE update for ImageMagick

Published: December 22, 2017 Updated: December 27, 2017

Security Bulletin ID SB2017122214
Severity
Low
Patch available
YES
Number of vulnerabilities 32
Exploitation vector Remote access
Highest impact Information disclosure

Breakdown by Severity

Low 100%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 32 secuirty vulnerabilities.


1) Resource exhaustion (CVE-ID: CVE-2017-11188)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists due to a large loop in the ReadDPXImage function in coders\dpx.c. A remote attacker can trick the victim into opening a specially crafted DPX file, trigger CPU exhaustion, related to lack of an EOF check and cause the application to crash.

Successful exploitation of the vulnerability results in denial of service.

2) Infinite loop (CVE-ID: CVE-2017-11478)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists due to infinite loop in the ReadOneDJVUImage function in coders/djvu.c. A remote attacker can trick the victim into opening a specially crafted DJVU image, trigger infinite loop and CPU consumption and cause the application to crash.

Successful exploitation of the vulnerability results in denial of service.

3) Infinite loop (CVE-ID: CVE-2017-11523)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists due to infinite loop in the ReadTXTImage function in coders/txt.c. A remote attacker can trick the victim into opening a specially crafted file, trigger the end-of-file condition and cause the application to crash.

Successful exploitation of the vulnerability results in denial of service.

4) Memory corruption (CVE-ID: CVE-2017-11527)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists due to a boundary error in the ReadDPXImage function in coders/dpx.c. A remote attacker can trick the victim into opening a specially crafted file, trigger memory corruption and cause the application to crash.

Successful exploitation of the vulnerability results in denial of service.

5) Heap-based buffer overread (CVE-ID: CVE-2017-11535)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists due to heap-based buffer over-read in the WritePSImage() function in coders/ps.c. A remote attacker can trick the victim into opening a specially crafted file, trigger memory corruption and cause the application to crash.

Successful exploitation of the vulnerability results in denial of service.

6) Denial of service (CVE-ID: CVE-2017-11640)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists due to an address access exception in the WritePTIFImage() function in coders/tiff.c. A remote attacker can trick the victim into converting a specially crafted file and cause the application to crash.

Successful exploitation of the vulnerability results in denial of service.

7) Memory leak (CVE-ID: CVE-2017-11752)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists due to a memory leak in the ReadMAGICKImage function in coders/magick.c. A remote attacker can trick the victim into opening a specially crafted file and cause the application to crash.

Successful exploitation of the vulnerability results in denial of service.

8) Resource exhaustion (CVE-ID: CVE-2017-12140)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists due to an integer signedness error in the ReadDCMImage function in coders\dcm.c. A remote attacker can trick the victim into opening a specially crafted DCM file, trigger excessive memory consumption and cause the application to crash.

Successful exploitation of the vulnerability results in denial of service.

9) Resource exhaustion (CVE-ID: CVE-2017-12435)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists due to an error in the ReadSUNImage function in coders/sun.c. A remote attacker can trick the victim into opening a specially crafted file, trigger excessive memory consumption and cause the application to crash.

Successful exploitation of the vulnerability results in denial of service.

10) Infinite loop (CVE-ID: CVE-2017-12587)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists due to an error in the ReadPWPImage function in coderspwp.c. A remote attacker can trick the victim into opening a specially crafted file, trigger an infinite loop and cause the application to crash.

Successful exploitation of the vulnerability results in denial of service.

11) Memory leak (CVE-ID: CVE-2017-12644)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists due to a memory leak in ReadDCMImage in codersdcm.c. A remote attacker can trick the victim into opening a specially crafted file and cause the application to crash.

Successful exploitation of the vulnerability results in denial of service.

12) Memory leak (CVE-ID: CVE-2017-12662)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists due to a memory leak in WritePDFImage in coders/pdf.c. A remote attacker can trick the victim into opening a specially crafted file and cause the application to crash.

Successful exploitation of the vulnerability results in denial of service.

13) Memory leak (CVE-ID: CVE-2017-12669)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists due to a memory leak in WriteCALSImage in coders/cals.c. A remote attacker can trick the victim into opening a specially crafted file and cause the application to crash.

Successful exploitation of the vulnerability results in denial of service.

14) Heap-based buffer overflow (CVE-ID: CVE-2017-12983)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists due to heap-based buffer overflow in the ReadSFWImage function in coders/sfw.c. A remote attacker can trick the victim into opening a specially crafted file, trigger memory corruption and cause the application to crash.

Successful exploitation of the vulnerability results in denial of service.

15) Heap-based buffer overread (CVE-ID: CVE-2017-13134)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists due to heap-based buffer over-read in the function SFWScan in coders/sfw.c. A remote attacker can trick the victim into opening a specially crafted file, trigger memory corruption and cause the application to crash.

Successful exploitation of the vulnerability results in denial of service.

16) Buffer over-read (CVE-ID: CVE-2017-13769)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists due to buffer over-read in the WriteTHUMBNAILImage function in coders/thumbnail.c. A remote attacker can trick the victim into opening a specially crafted JPEG file, trigger memory corruption and cause the application to crash.

Successful exploitation of the vulnerability results in denial of service.

17) Memory leak (CVE-ID: CVE-2017-14138)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists due to a memory leak in ReadWEBPImage in coders/webp.c because memory is not freed in certain error cases. A remote attacker can trick the victim into opening a specially crafted file and cause the application to crash.

Successful exploitation of the vulnerability results in denial of service.

18) Resource exhaustion (CVE-ID: CVE-2017-14172)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists in coders/ps.c in ReadPSImage() due to lack of an EOF (End of File) check. A remote attacker can provide a specially crafted PSD file, which claims a large "extent" field in the header but does not contain sufficient backing data, trigger the loop over "length", consume huge CPU resources and cause the application to crash.

Successful exploitation of the vulnerability results in denial of service.

19) Integer overflow (CVE-ID: CVE-2017-14173)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists due to integer overflow in the function ReadTXTImage() in coders/txt.c that may occur for the addition operation "GetQuantumRange(depth)+1" when "depth" is large, producing a smaller value than expected. A remote attacker can provide a specially crafted TXT file that claims a very large "max_value" value, trigger infinite loop and cause the system to crash.

Successful exploitation of the vulnerability results in denial of service.

20) Resource exhaustion (CVE-ID: CVE-2017-14175)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists in coders/xbm.c in ReadXBMImage() due to lack of an EOF (End of File) check. A remote attacker can provide a specially crafted XBM file, which claims large rows and columns fields in the header but does not contain sufficient backing data, trigger the loop over the rows, consume huge CPU resources and cause the application to crash.

Successful exploitation of the vulnerability results in denial of service.

21) Resource exhaustion (CVE-ID: CVE-2017-14341)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists due to a large loop vulnerability in ReadWPGImage in coders/wpg.c. A remote attacker can provide a specially crafted wpg image file, trigger CPU exhaustion and cause the application to crash.

Successful exploitation of the vulnerability results in denial of service.

22) Resource exhaustion (CVE-ID: CVE-2017-14342)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists due to an error in ReadWPGImage in coders/wpg.c. A remote attacker can provide a specially crafted wpg image file, trigger memory exhaustion and cause the application to crash.

Successful exploitation of the vulnerability results in denial of service.

23) Resource exhaustion (CVE-ID: CVE-2017-14531)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists due to an error in ReadSUNImage in coders/sun.c.. A remote attacker can provide a specially crafted image file, trigger memory exhaustion and cause the application to crash.

Successful exploitation of the vulnerability results in denial of service.

24) Out-of-bounds read (CVE-ID: CVE-2017-14607)

The vulnerability allows a remote attacker to obtain potentially sensitive information or cause DoS condition on the target system.

The weakness exists due to out of bounds read flaw related to ReadTIFFImage function in coders/tiff.c. A remote attacker can provide a specially crafted image file and read arbitrary data or cause the application to crash.

25) Heap-based buffer overflow (CVE-ID: CVE-2017-14682)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists due to heap-based buffer overflow in GetNextToken in MagickCore/token.c. A remote attacker can provide a specially crafted SVG document, trigger memory corruption and cause the application to crash.

Successful exploitation of the vulnerability results in denial of service.

26) Heap-based buffer overread (CVE-ID: CVE-2017-14733)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists due to ReadRLEImage in coders/rle.c mishandles RLE headers that specify too few colors. A remote attacker can provide a specially crafted RLE document, trigger heap-based buffer over-read and cause the application to crash.

Successful exploitation of the vulnerability results in denial of service.

27) Use-after-free error (CVE-ID: CVE-2017-14989)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists due to use-after-free in RenderFreetype in MagickCore/annotate.c. A remote attacker can provide a specially crafted font file, call the FT_Done_Glyph function (from FreeType 2) at an incorrect place in the ImageMagick code, trigger memory corruption and cause the application to crash.

Successful exploitation of the vulnerability results in denial of service.

28) Memory leak (CVE-ID: CVE-2017-15217)

The vulnerability allows a remote attacker to obtain potentially sensitive information or cause DoS condition on the target system.

The weakness exists due to an error in ReadSGIImage in coders/sgi.c. A remote attacker can provide a specially SGI image file, trigger memory leak and cause the application to crash.

Successful exploitation of the vulnerability results in denial of service.

29) Null pointer dereference (CVE-ID: CVE-2017-15930)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists due to an error n ReadOneJNGImage in coders/png.c. A remote attacker can transfer specially crafted JPEG scanlines, trigger null pointer dereference, related to a PixelPacket pointer and cause the application to crash.

Successful exploitation of the vulnerability results in denial of service.

30) Improper input validation (CVE-ID: CVE-2017-16545)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists due to the ReadWPGImage function in coders/wpg.c does not properly validate colormapped images. A remote attacker can transfer specially crafted WPG image, trigger ImportIndexQuantumType invalid write and cause the application to crash.

Successful exploitation of the vulnerability results in denial of service.

31) Improper input validation (CVE-ID: CVE-2017-16546)

The vulnerability allows a remote attacker to obtain potentially sensitive information or cause DoS condition on the target system.

The weakness exists due to the ReadWPGImage function in coders/wpg.c does not properly validate the colormap index in a WPG palette. A remote attacker can provide a specially WPG file, trigger use of uninitialized data or invalid memory allocation and cause the application to crash.

Successful exploitation of the vulnerability results in denial of service.

32) Heap-based buffer overflow (CVE-ID: CVE-2017-16669)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists due to heap-based buffer overflow in coders/wpg.c. A remote attacker can provide a specially crafted file, related to the AcquireCacheNexus function in magick/pixel_cache.c, trigger memory corruption and cause the application to crash.

Successful exploitation of the vulnerability results in denial of service.

Remediation

Install update from vendor's website.

References