CVE-2019-13306 : ImageMagick 7.0.8-50 Q16 has a stack-based buffer overflow at coders/pnm.c in Wr

ImageMagick 7.0.8-50 Q16 has a stack-based buffer overflow at coders/pnm.c in WritePNMImage because of off-by-one errors.

Published 2019-07-05 01:15:11

Updated 2023-02-23 15:10:08

Source MITRE

View at NVD, CVE.org

Vulnerability category: OverflowMemory Corruption

Products affected by CVE-2019-13306

Debian » Debian Linux » Version: 8.0
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
Matching versions
Debian » Debian Linux » Version: 9.0
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
Matching versions
Imagemagick » Imagemagick » Version: 7.0.8-50 Update Q16
cpe:2.3:a:imagemagick:imagemagick:7.0.8-50:q16:*:*:*:*:*:*
Matching versions
Canonical » Ubuntu Linux » Version: 18.04 LTS Edition
cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
Matching versions
Canonical » Ubuntu Linux » Version: 19.10
cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*
Matching versions
Canonical » Ubuntu Linux » Version: 19.04
cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*
Matching versions
Canonical » Ubuntu Linux » Version: 16.04 ESM Edition
cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*
Matching versions
Opensuse » Leap » Version: 15.0
cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*
Matching versions
Opensuse » Leap » Version: 15.1
cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
Matching versions

EPSS FAQ

0.14%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 30 %

Percentile, the proportion of vulnerabilities that are scored at or less

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
6.8	MEDIUM	AV:N/AC:M/Au:N/C:P/I:P/A:P	8.6	6.4	NIST
Access Vector: Network Access Complexity: Medium Authentication: None Confidentiality Impact: Partial Integrity Impact: Partial Availability Impact: Partial
7.8	HIGH	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H	1.8	5.9	NIST
Attack Vector: Local Attack Complexity: Low Privileges Required: None User Interaction: Required Scope: Unchanged Confidentiality: High Integrity: High Availability: High

CWE-193 Off-by-one Error

A product calculates or uses an incorrect maximum or minimum value that is 1 more, or 1 less, than the correct value.

Assigned by: nvd@nist.gov (Primary)
CWE-787 Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

Assigned by: nvd@nist.gov (Primary)

https://github.com/ImageMagick/ImageMagick/commit/e92040ea6ee2a844ebfd2344174076795a4787bd

https://github.com/ImageMagick/ImageMagick/issues/1612 · ImageMagick/ImageMagick@e92040e · GitHub
Patch
https://github.com/ImageMagick/ImageMagick/issues/1612

stack-buffer-overflow at coders/pnm.c:1902 in WritePNMImage · Issue #1612 · ImageMagick/ImageMagick · GitHub
Exploit;Issue Tracking;Patch;Third Party Advisory
https://usn.ubuntu.com/4192-1/

USN-4192-1: ImageMagick vulnerabilities | Ubuntu security notices
Third Party Advisory

CVEs referencing this url
http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html

[security-announce] openSUSE-SU-2019:1983-1: moderate: Security update f
Mailing List;Third Party Advisory

CVEs referencing this url
https://github.com/ImageMagick/ImageMagick6/commit/cb5ec7d98195aa74d5ed299b38eff2a68122f3fa

https://github.com/ImageMagick/ImageMagick/issues/1612 · ImageMagick/ImageMagick6@cb5ec7d · GitHub
Patch
https://lists.debian.org/debian-lts-announce/2019/08/msg00021.html

[SECURITY] [DLA 1888-1] imagemagick security update
Mailing List;Third Party Advisory

CVEs referencing this url
https://www.debian.org/security/2020/dsa-4715

Debian -- Security Information -- DSA-4715-1 imagemagick
Third Party Advisory

CVEs referencing this url

Jump to