#VU23005 Out-of-bounds write in Imagick PHP extension - CVE-2019-11037

Cybersecurity Help s.r.o.

Published: 2019-11-26

Vulnerability identifier: #VU23005

Vulnerability risk: High

CVSSv4.0: 7.2 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2019-11037

CWE-ID: CWE-787

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Imagick PHP extension
Universal components / Libraries / Scripting languages

Vendor: Imagick

Description

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a boundary error when processing untrusted input within the ImagickKernel::fromMatrix() function in PHP imagick extension. A remote attacker can create a specially crafted file, pass it to the application, trigger out-of-bounds write and execute arbitrary code on the target system.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

Imagick PHP extension: 3.3.0 RC1 - 3.4.4 RC2

External links
https://bugs.php.net/bug.php?id=77791

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Gentoo update for PECL Imagick

OpenSUSE Linux update for php7-imagick

Out-of-bounds write in php7-pecl-imagick (Alpine package)

Debian update for php-imagick

Buffer overflow in PHP imagick extension