Vulnerability Details : CVE-2020-25666
There are 4 places in HistogramCompare() in MagickCore/histogram.c where an integer overflow is possible during simple math calculations. This occurs in the rgb values and `count` value for a color. The patch uses casts to `ssize_t` type for these calculations, instead of `int`. This flaw could impact application reliability in the event that ImageMagick processes a crafted input file. This flaw affects ImageMagick versions prior to 7.0.9-0.
Vulnerability category: Overflow
Exploit prediction scoring system (EPSS) score for CVE-2020-25666
Probability of exploitation activity in the next 30 days: 0.08%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 32 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2020-25666
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
4.3
|
MEDIUM | AV:N/AC:M/Au:N/C:N/I:N/A:P |
8.6
|
2.9
|
NIST |
3.3
|
LOW | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L |
1.8
|
1.4
|
NIST |
CWE ids for CVE-2020-25666
-
The product performs a calculation that can produce an integer overflow or wraparound, when the logic assumes that the resulting value will always be larger than the original value. This can introduce other weaknesses when the calculation is used for resource management or execution control.Assigned by: secalert@redhat.com (Primary)
References for CVE-2020-25666
-
https://bugzilla.redhat.com/show_bug.cgi?id=1891612
Exploit;Issue Tracking;Patch;Third Party Advisory
-
https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html
[SECURITY] [DLA 3357-1] imagemagick security update
-
https://lists.debian.org/debian-lts-announce/2021/03/msg00030.html
[SECURITY] [DLA 2602-1] imagemagick security updateMailing List;Third Party Advisory
Products affected by CVE-2020-25666
- cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
- cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*
- cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*