Vulnerability CVE-2019-10131


Published: 2019-04-30

Description:
An off-by-one read vulnerability was discovered in ImageMagick before version 7.0.7-28 in the formatIPTCfromBuffer function in coders/meta.c. A local attacker may use this flaw to read beyond the end of the buffer or to crash the program.

Type: CWE-119 (Improper Restriction of Operations within the Bounds of a Memory Buffer)

Vendor: ImageMagick
Product: ImageMagick
Version:
7.0.7-9
7.0.7-8
7.0.7-6
7.0.7-5
7.0.7-4
7.0.7-3
7.0.7-27
7.0.7-26
7.0.7-25q16
7.0.7-25
7.0.7-24
7.0.7-23
7.0.7-22
7.0.7-21
7.0.7-20
7.0.7-2
7.0.7-19
7.0.7-18
7.0.7-17
7.0.7-16
7.0.7-15
7.0.7-14
7.0.7-13
7.0.7-12
7.0.7-11
7.0.7-10
7.0.7-1
7.0.7-0
7.0.7
7.0.6-9
7.0.6-8
7.0.6-7
7.0.6-6
7.0.6-5
7.0.6-4
7.0.6-3
7.0.6-2
7.0.6-10
7.0.6-1
7.0.6-0
7.0.5-9
7.0.5-8
7.0.5-7
7.0.5-6
7.0.5-5
7.0.5-4
7.0.5-3
7.0.5-2
7.0.5-10
7.0.5-1
7.0.5-0
7.0.4-9
7.0.4-8
7.0.4-7
7.0.4-6
7.0.4-5
7.0.4-4
7.0.4-3
7.0.4-2
7.0.4-10
7.0.4-1
7.0.4-0
7.0.3-9
7.0.3-8
7.0.3-7
7.0.3-6
7.0.3-5
7.0.3-4
7.0.3-3
7.0.3-2
7.0.3-10
7.0.3-1
7.0.3-0
7.0.2-9
7.0.2-8
7.0.2-7
7.0.2-6
7.0.2-5
7.0.2-4
7.0.2-3
7.0.2-2
7.0.2-10
7.0.2-1
7.0.2-0
7.0.1-9
7.0.1-8
7.0.1-7
7.0.1-6
7.0.1-5
7.0.1-4
7.0.1-3
7.0.1-2
7.0.1-10
7.0.1-1
7.0.1-0
7.0.0-0
6.9.9-9
6.9.9-8
6.9.9-7
See more versions on NVD
Vendor: Red Hat
Product: Enterprise Linux
Version: 7.0

CVSS2 vector: (AV:L/AC:L/Au:N/C:P/I:N/A:P)

CVSS Base Score: 3.6/10
Impact Subscore: 4.9/10
Exploitability Subscore: 3.9/10

Exploit range: Local
Attack complexity: Low
Authentication: Not required

Confidentiality impact: Partial
Integrity impact: None
Availability impact: Partial

References:
http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00051.html
http://www.securityfocus.com/bid/108117
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10131
https://github.com/ImageMagick/ImageMagick/commit/cb1214c124e1bd61f7dd551b94a794864861592e


Copyright 2019, cxsecurity.com

 
