Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2020-25664

Опубликовано: 04 окт. 2019
Источник: redhat
CVSS3: 6.1
EPSS Низкий

Описание

In WriteOnePNGImage() of the PNG coder at coders/png.c, an improper call to AcquireVirtualMemory() and memset() allows for an out-of-bounds write later when PopShortPixel() from MagickCore/quantum-private.h is called. The patch fixes the calls by adding 256 to rowbytes. An attacker who is able to supply a specially crafted image could affect availability with a low impact to data integrity. This flaw affects ImageMagick versions prior to 6.9.10-68 and 7.0.8-68.

A flaw was found in ImageMagick. A specially crafted image could cause an out-of-bounds memory write leading to a crash. The highest threat from this vulnerability is to system availability.

Отчет

This flaw is out of support scope for Red Hat Enterprise Linux 5, 6, and 7. Inkscape is not affected because it no longer uses a bundled ImageMagick in Red Hat Enterprise Linux 8. For more information regarding support scopes, please see https://access.redhat.com/support/policy/updates/errata .

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 5ImageMagickOut of support scope
Red Hat Enterprise Linux 6ImageMagickOut of support scope
Red Hat Enterprise Linux 7ImageMagickOut of support scope
Red Hat Enterprise Linux 8inkscapeNot affected
Red Hat Enterprise Linux 9ImageMagickAffected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-122->CWE-787
https://bugzilla.redhat.com/show_bug.cgi?id=1891605ImageMagick: heap-based buffer overflow in PopShortPixel in MagickCore/quantum-private.h

EPSS

Процентиль: 25%
0.00087
Низкий

6.1 Medium

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2020-25664

CVSS3: 6.1
ubuntu
около 5 лет назад

In WriteOnePNGImage() of the PNG coder at coders/png.c, an improper call to AcquireVirtualMemory() and memset() allows for an out-of-bounds write later when PopShortPixel() from MagickCore/quantum-private.h is called. The patch fixes the calls by adding 256 to rowbytes. An attacker who is able to supply a specially crafted image could affect availability with a low impact to data integrity. This flaw affects ImageMagick versions prior to 6.9.10-68 and 7.0.8-68.

nvd логотип

CVE-2020-25664

CVSS3: 6.1
nvd
около 5 лет назад

In WriteOnePNGImage() of the PNG coder at coders/png.c, an improper call to AcquireVirtualMemory() and memset() allows for an out-of-bounds write later when PopShortPixel() from MagickCore/quantum-private.h is called. The patch fixes the calls by adding 256 to rowbytes. An attacker who is able to supply a specially crafted image could affect availability with a low impact to data integrity. This flaw affects ImageMagick versions prior to 6.9.10-68 and 7.0.8-68.

debian логотип

CVE-2020-25664

CVSS3: 6.1
debian
около 5 лет назад

In WriteOnePNGImage() of the PNG coder at coders/png.c, an improper ca ...

github логотип

GHSA-c5hg-hx4v-7q6w

github
больше 3 лет назад

In WriteOnePNGImage() of the PNG coder at coders/png.c, an improper call to AcquireVirtualMemory() and memset() allows for an out-of-bounds write later when PopShortPixel() from MagickCore/quantum-private.h is called. The patch fixes the calls by adding 256 to rowbytes. An attacker who is able to supply a specially crafted image could affect availability with a low impact to data integrity. This flaw affects ImageMagick versions prior to 6.9.10-68 and 7.0.8-68.

suse-cvrf логотип

SUSE-SU-2021:14598-1

suse-cvrf
около 5 лет назад

Security update for ImageMagick

EPSS

Процентиль: 25%
0.00087
Низкий

6.1 Medium

CVSS3