Risk | High |
Patch available | YES |
Number of vulnerabilities | 12 |
CVE-ID | CVE-2019-11473 CVE-2019-11474 CVE-2020-10938 CVE-2019-11006 CVE-2020-12672 CVE-2019-11010 CVE-2019-7397 CVE-2019-11005 CVE-2019-12921 CVE-2018-18544 CVE-2019-11008 CVE-2019-11009 |
CWE-ID | CWE-125 CWE-682 CWE-190 CWE-122 CWE-401 CWE-121 CWE-22 |
Exploitation vector | Network |
Public exploit | Public exploit code for vulnerability #7 is available. Public exploit code for vulnerability #9 is available. Public exploit code for vulnerability #10 is available. |
Vulnerable software | openEuler (Operating systems & Components / Operating system); GraphicsMagick-devel, GraphicsMagick-debugsource, GraphicsMagick-perl, GraphicsMagick-debuginfo, GraphicsMagick-c++, GraphicsMagick-c++-devel, GraphicsMagick-help, GraphicsMagick (Operating systems & Components / Operating system package or component) |
Vendor | openEuler |
Security Bulletin
This security bulletin contains information about 12 vulnerabilities.
EUVDB-ID: #VU18361
Risk: Low
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2019-11473
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
Description: The vulnerability allows a remote attacker to perform a denial of service attack.
The vulnerability exists due to a boundary condition within the ReadXWDImage() function in coders/xwd.c in the XWD reader. A remote attacker can create a specially crafted XWD image file, pass it to the affected application, trigger an out-of-bounds read error and crash the application.
Mitigation: Install updates from vendor's repository.
Vulnerable software versions:
openEuler: 20.03 LTS
GraphicsMagick-devel: before 1.3.30-9
GraphicsMagick-debugsource: before 1.3.30-9
GraphicsMagick-perl: before 1.3.30-9
GraphicsMagick-debuginfo: before 1.3.30-9
GraphicsMagick-c++: before 1.3.30-9
GraphicsMagick-c++-devel: before 1.3.30-9
GraphicsMagick-help: before 1.3.30-9
GraphicsMagick: before 1.3.30-9
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2020-1120
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU18362
Risk: Low
CVSSv4.0: 0.5 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2019-11474
CWE-ID:
CWE-682 - Incorrect Calculation
Exploit availability: No
Description: The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to an incorrect calculation within the ReadXWDImage() function in coders/xwd.c in the XWD reader. A remote attacker can create a specially crafted XWD file, pass it to the application, trigger a floating-point exception and crash the affected application.
Mitigation: Install updates from vendor's repository.
Vulnerable software versions:
openEuler: 20.03 LTS
GraphicsMagick-devel: before 1.3.30-9
GraphicsMagick-debugsource: before 1.3.30-9
GraphicsMagick-perl: before 1.3.30-9
GraphicsMagick-debuginfo: before 1.3.30-9
GraphicsMagick-c++: before 1.3.30-9
GraphicsMagick-c++-devel: before 1.3.30-9
GraphicsMagick-help: before 1.3.30-9
GraphicsMagick: before 1.3.30-9
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2020-1120
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU26484
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2020-10938
CWE-ID:
CWE-190 - Integer overflow
Exploit availability: No
Description: The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to an integer overflow within the HuffmanDecodeImage function in the magick/compress.c file. A remote attacker can trigger an integer overflow that leads to a heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of the vulnerable system.
Mitigation: Install updates from vendor's repository.
Vulnerable software versions:
openEuler: 20.03 LTS
GraphicsMagick-devel: before 1.3.30-9
GraphicsMagick-debugsource: before 1.3.30-9
GraphicsMagick-perl: before 1.3.30-9
GraphicsMagick-debuginfo: before 1.3.30-9
GraphicsMagick-c++: before 1.3.30-9
GraphicsMagick-c++-devel: before 1.3.30-9
GraphicsMagick-help: before 1.3.30-9
GraphicsMagick: before 1.3.30-9
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2020-1120
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU18364
Risk: Low
CVSSv4.0: 0.5 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2019-11006
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
Description: The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a heap-based buffer over-read in the function ReadMIFFImage of coders/miff.c in the MIFF reader, which allows attackers to cause a denial of service or information disclosure via an RLE packet. A remote attacker can perform a denial of service attack.
Mitigation: Install updates from vendor's repository.
Vulnerable software versions:
openEuler: 20.03 LTS
GraphicsMagick-devel: before 1.3.30-9
GraphicsMagick-debugsource: before 1.3.30-9
GraphicsMagick-perl: before 1.3.30-9
GraphicsMagick-debuginfo: before 1.3.30-9
GraphicsMagick-c++: before 1.3.30-9
GraphicsMagick-c++-devel: before 1.3.30-9
GraphicsMagick-help: before 1.3.30-9
GraphicsMagick: before 1.3.30-9
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2020-1120
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU27562
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2020-12672
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
Description: The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error within the ReadMNGImage function in coders/png.c. A remote attacker can trigger a heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of the vulnerable system.
Mitigation: Install updates from vendor's repository.
Vulnerable software versions:
openEuler: 20.03 LTS
GraphicsMagick-devel: before 1.3.30-9
GraphicsMagick-debugsource: before 1.3.30-9
GraphicsMagick-perl: before 1.3.30-9
GraphicsMagick-debuginfo: before 1.3.30-9
GraphicsMagick-c++: before 1.3.30-9
GraphicsMagick-c++-devel: before 1.3.30-9
GraphicsMagick-help: before 1.3.30-9
GraphicsMagick: before 1.3.30-9
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2020-1120
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU18368
Risk: Low
CVSSv4.0: 0.5 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2019-11010
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
Description: The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a memory leak within the function ReadMPCImage in coders/mpc.c, which allows attackers to cause a denial of service via a crafted image file. A remote attacker can perform a denial of service attack.
Mitigation: Install updates from vendor's repository.
Vulnerable software versions:
openEuler: 20.03 LTS
GraphicsMagick-devel: before 1.3.30-9
GraphicsMagick-debugsource: before 1.3.30-9
GraphicsMagick-perl: before 1.3.30-9
GraphicsMagick-debuginfo: before 1.3.30-9
GraphicsMagick-c++: before 1.3.30-9
GraphicsMagick-c++-devel: before 1.3.30-9
GraphicsMagick-help: before 1.3.30-9
GraphicsMagick: before 1.3.30-9
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2020-1120
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU17707
Risk: Low
CVSSv4.0: 1.8 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/U:Clear]
CVE-ID: CVE-2019-7397
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
Description: The vulnerability allows a remote attacker to perform a DoS attack on the target system.
The vulnerability exists due to a memory leak in the WritePDFImage function, as defined in the coders/pdf.c source code file. A remote attacker can trick the victim into accessing a file that submits malicious input and perform a denial of service attack.
Mitigation: Install updates from vendor's repository.
Vulnerable software versions:
openEuler: 20.03 LTS
GraphicsMagick-devel: before 1.3.30-9
GraphicsMagick-debugsource: before 1.3.30-9
GraphicsMagick-perl: before 1.3.30-9
GraphicsMagick-debuginfo: before 1.3.30-9
GraphicsMagick-c++: before 1.3.30-9
GraphicsMagick-c++-devel: before 1.3.30-9
GraphicsMagick-help: before 1.3.30-9
GraphicsMagick: before 1.3.30-9
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2020-1120
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
EUVDB-ID: #VU18363
Risk: Medium
CVSSv4.0: 4.8 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2019-11005
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
Description: The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when processing a quoted font family value within the SVGStartElement() function in coders/svg.c in the SVG reader. A remote unauthenticated attacker can create a specially crafted image, pass it to the affected application, trigger a stack-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of the vulnerable system.
Mitigation: Install updates from vendor's repository.
Vulnerable software versions:
openEuler: 20.03 LTS
GraphicsMagick-devel: before 1.3.30-9
GraphicsMagick-debugsource: before 1.3.30-9
GraphicsMagick-perl: before 1.3.30-9
GraphicsMagick-debuginfo: before 1.3.30-9
GraphicsMagick-c++: before 1.3.30-9
GraphicsMagick-c++-devel: before 1.3.30-9
GraphicsMagick-help: before 1.3.30-9
GraphicsMagick: before 1.3.30-9
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2020-1120
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU26485
Risk: Medium
CVSSv4.0: 5.5 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/U:Green]
CVE-ID: CVE-2019-12921
CWE-ID:
CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Exploit availability: Yes
Description: The vulnerability allows a remote attacker to perform directory traversal attacks.
The vulnerability exists due to an input validation error when processing directory traversal sequences within the TranslateTextEx component for processing SVG images in GraphicsMagick. A remote attacker can create a specially crafted SVG file and read the contents of arbitrary files on the system.
Mitigation: Install updates from vendor's repository.
Vulnerable software versions:
openEuler: 20.03 LTS
GraphicsMagick-devel: before 1.3.30-9
GraphicsMagick-debugsource: before 1.3.30-9
GraphicsMagick-perl: before 1.3.30-9
GraphicsMagick-debuginfo: before 1.3.30-9
GraphicsMagick-c++: before 1.3.30-9
GraphicsMagick-c++-devel: before 1.3.30-9
GraphicsMagick-help: before 1.3.30-9
GraphicsMagick: before 1.3.30-9
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2020-1120
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
EUVDB-ID: #VU15461
Risk: Low
CVSSv4.0: 5.2 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P/U:Clear]
CVE-ID: CVE-2018-18544
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
Description: The vulnerability allows a remote attacker to cause a DoS condition on the target system.
The vulnerability exists due to a memory leak in the WriteMSLImage function, as defined in the coders/msl.c source code file. A remote attacker can trick the victim into accessing a file that submits malicious input, trigger a memory leak and cause the service to crash.
Mitigation: Install updates from vendor's repository.
Vulnerable software versions:
openEuler: 20.03 LTS
GraphicsMagick-devel: before 1.3.30-9
GraphicsMagick-debugsource: before 1.3.30-9
GraphicsMagick-perl: before 1.3.30-9
GraphicsMagick-debuginfo: before 1.3.30-9
GraphicsMagick-c++: before 1.3.30-9
GraphicsMagick-c++-devel: before 1.3.30-9
GraphicsMagick-help: before 1.3.30-9
GraphicsMagick: before 1.3.30-9
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2020-1120
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
EUVDB-ID: #VU18366
Risk: Medium
CVSSv4.0: 4 [CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2019-11008
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
Description: The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error within the WriteXWDImage() function in coders/xwd.c. A remote attacker can create a crafted XWD file, pass it to the application, trigger a heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of the vulnerable system.
Mitigation: Install updates from vendor's repository.
Vulnerable software versions:
openEuler: 20.03 LTS
GraphicsMagick-devel: before 1.3.30-9
GraphicsMagick-debugsource: before 1.3.30-9
GraphicsMagick-perl: before 1.3.30-9
GraphicsMagick-debuginfo: before 1.3.30-9
GraphicsMagick-c++: before 1.3.30-9
GraphicsMagick-c++-devel: before 1.3.30-9
GraphicsMagick-help: before 1.3.30-9
GraphicsMagick: before 1.3.30-9
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2020-1120
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU18367
Risk: Low
CVSSv4.0: 0.5 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2019-11009
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
Description: The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a heap-based buffer over-read in the function ReadXWDImage() in coders/xwd.c, which allows attackers to cause a denial of service or information disclosure via a crafted image file. A remote attacker can perform a denial of service attack.
Mitigation: Install updates from vendor's repository.
Vulnerable software versions:
openEuler: 20.03 LTS
GraphicsMagick-devel: before 1.3.30-9
GraphicsMagick-debugsource: before 1.3.30-9
GraphicsMagick-perl: before 1.3.30-9
GraphicsMagick-debuginfo: before 1.3.30-9
GraphicsMagick-c++: before 1.3.30-9
GraphicsMagick-c++-devel: before 1.3.30-9
GraphicsMagick-help: before 1.3.30-9
GraphicsMagick: before 1.3.30-9
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2020-1120
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
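Every entry in this bulletin lists the same eight packages as vulnerable before 1.3.30-9, so the mitigation can be verified by comparing an installed-package inventory against that version. The following is an added example, not part of the bulletin or of openEuler tooling: it uses a simplified rpm-style version comparison (no epoch, tilde or caret handling), and the inventory lines, including the `.oe1` release suffix, are constructed sample data.

```python
import re

# Values taken from the bulletin: every listed package is fixed in 1.3.30-9.
FIXED = "1.3.30-9"
AFFECTED = {
    "GraphicsMagick", "GraphicsMagick-devel", "GraphicsMagick-debugsource",
    "GraphicsMagick-perl", "GraphicsMagick-debuginfo", "GraphicsMagick-c++",
    "GraphicsMagick-c++-devel", "GraphicsMagick-help",
}

def _cmp_part(a, b):
    """Compare one version or release string segment by segment (simplified rpm ordering)."""
    sa = re.findall(r"[0-9]+|[A-Za-z]+", a)
    sb = re.findall(r"[0-9]+|[A-Za-z]+", b)
    for x, y in zip(sa, sb):
        if x.isdigit() != y.isdigit():
            return 1 if x.isdigit() else -1       # numeric segment beats alphabetic
        if x.isdigit():
            x, y = int(x), int(y)
        if x != y:
            return -1 if x < y else 1
    return (len(sa) > len(sb)) - (len(sa) < len(sb))  # leftover segments are newer

def evr_cmp(a, b):
    """Compare 'version-release' strings; epochs are assumed absent."""
    va, _, ra = a.partition("-")
    vb, _, rb = b.partition("-")
    return _cmp_part(va, vb) or _cmp_part(ra, rb)

def find_vulnerable(inventory):
    """Return (name, version-release) for affected packages older than FIXED."""
    hits = []
    for line in inventory.splitlines():
        fields = line.split()
        if len(fields) != 2:
            continue                              # skip blank or malformed lines
        name, evr = fields
        if name in AFFECTED and evr_cmp(evr, FIXED) < 0:
            hits.append((name, evr))
    return hits

# Constructed sample in the format printed by:
#   rpm -qa --qf '%{NAME} %{VERSION}-%{RELEASE}\n'
SAMPLE = """\
GraphicsMagick 1.3.30-8.oe1
GraphicsMagick-c++ 1.3.30-9.oe1
GraphicsMagick-perl 1.3.30-10.oe1
GraphicsMagick-devel 1.3.29-3.oe1
bash 5.0-14.oe1
"""

if __name__ == "__main__":
    for name, evr in find_vulnerable(SAMPLE):
        print(f"VULNERABLE {name} {evr} (fixed in {FIXED})")
```

A release such as 1.3.30-9.oe1 compares as newer than the bulletin's 1.3.30-9 and is therefore reported as patched.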