English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 324607 CVE descriptions
and 146377 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.844071
Category:Ubuntu Local Security Checks
Title:Ubuntu: Security Advisory (USN-4034-1)
Summary:The remote host is missing an update for the 'imagemagick' package(s) announced via the USN-4034-1 advisory.
Description:Summary:
The remote host is missing an update for the 'imagemagick' package(s) announced via the USN-4034-1 advisory.

Vulnerability Insight:
It was discovered that ImageMagick incorrectly handled certain malformed
image files. If a user or automated system using ImageMagick were tricked
into opening a specially crafted image, an attacker could exploit this to
cause a denial of service or possibly execute code with the privileges of
the user invoking the program.

Due to a large number of issues discovered in GhostScript that prevent it
from being used by ImageMagick safely, the update for Ubuntu 18.10 and
Ubuntu 19.04 includes a default policy change that disables support for the
Postscript and PDF formats in ImageMagick. This policy can be overridden if
necessary by using an alternate ImageMagick policy configuration.

Affected Software/OS:
'imagemagick' package(s) on Ubuntu 16.04, Ubuntu 18.04, Ubuntu 18.10, Ubuntu 19.04.

Solution:
Please install the updated package(s).

CVSS Score:
7.1

CVSS Vector:
AV:N/AC:M/Au:N/C:N/I:N/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2017-12805
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WHIKB4TP6KBJWT2UIPWL5MWMG5QXKGEJ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PF62B5PJA2JDUOCKJGUQO3SPL74BEYSV/
https://github.com/ImageMagick/ImageMagick/issues/664
https://lists.debian.org/debian-lts-announce/2020/08/msg00030.html
SuSE Security Announcement: openSUSE-SU-2019:1683 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00001.html
https://usn.ubuntu.com/4034-1/
Common Vulnerability Exposure (CVE) ID: CVE-2017-12806
https://github.com/ImageMagick/ImageMagick/issues/660
https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html
Common Vulnerability Exposure (CVE) ID: CVE-2018-14434
https://github.com/ImageMagick/ImageMagick/issues/1192
https://usn.ubuntu.com/3785-1/
Common Vulnerability Exposure (CVE) ID: CVE-2018-15607
BugTraq ID: 105137
http://www.securityfocus.com/bid/105137
https://github.com/ImageMagick/ImageMagick/issues/1255
Common Vulnerability Exposure (CVE) ID: CVE-2018-16323
https://www.exploit-db.com/exploits/45890/
https://github.com/ImageMagick/ImageMagick/commit/216d117f05bff87b9dc4db55a1b1fadb38bcb786
Common Vulnerability Exposure (CVE) ID: CVE-2018-16412
BugTraq ID: 105241
http://www.securityfocus.com/bid/105241
Debian Security Information: DSA-4316 (Google Search)
https://www.debian.org/security/2018/dsa-4316
https://github.com/ImageMagick/ImageMagick/issues/1250
https://lists.debian.org/debian-lts-announce/2018/10/msg00002.html
SuSE Security Announcement: openSUSE-SU-2019:1141 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html
SuSE Security Announcement: openSUSE-SU-2019:1320 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00006.html
Common Vulnerability Exposure (CVE) ID: CVE-2018-16413
https://github.com/ImageMagick/ImageMagick/issues/1249
https://github.com/ImageMagick/ImageMagick/issues/1251
Common Vulnerability Exposure (CVE) ID: CVE-2018-16644
https://github.com/ImageMagick/ImageMagick/commit/16916c8979c32765c542e216b31cee2671b7afe7
https://github.com/ImageMagick/ImageMagick/commit/afa878a689870c28b6994ecf3bb8dbfb2b76d135
https://github.com/ImageMagick/ImageMagick/issues/1269
Common Vulnerability Exposure (CVE) ID: CVE-2018-16645
https://github.com/ImageMagick/ImageMagick/commit/ecb31dbad39ccdc65868d5d2a37f0f0521250832
https://github.com/ImageMagick/ImageMagick/issues/1268
Common Vulnerability Exposure (CVE) ID: CVE-2018-17965
https://github.com/ImageMagick/ImageMagick/issues/1052
Common Vulnerability Exposure (CVE) ID: CVE-2018-17966
https://github.com/ImageMagick/ImageMagick/issues/1050
Common Vulnerability Exposure (CVE) ID: CVE-2018-18016
https://github.com/ImageMagick/ImageMagick/issues/1049
Common Vulnerability Exposure (CVE) ID: CVE-2018-18023
https://github.com/ImageMagick/ImageMagick/issues/1336
Common Vulnerability Exposure (CVE) ID: CVE-2018-18024
https://github.com/ImageMagick/ImageMagick/issues/1337
Common Vulnerability Exposure (CVE) ID: CVE-2018-18025
https://github.com/ImageMagick/ImageMagick/issues/1335
https://lists.debian.org/debian-lts-announce/2018/11/msg00014.html
Common Vulnerability Exposure (CVE) ID: CVE-2018-18544
http://hg.code.sf.net/p/graphicsmagick/code/file/233618f8fe82/ChangeLog
https://github.com/ImageMagick/ImageMagick/issues/1360
Common Vulnerability Exposure (CVE) ID: CVE-2018-20467
BugTraq ID: 106315
http://www.securityfocus.com/bid/106315
https://github.com/ImageMagick/ImageMagick/commit/db0add932fb850d762b02604ca3053b7d7ab6deb
https://github.com/ImageMagick/ImageMagick/issues/1408
Common Vulnerability Exposure (CVE) ID: CVE-2019-10131
BugTraq ID: 108117
http://www.securityfocus.com/bid/108117
SuSE Security Announcement: openSUSE-SU-2019:1427 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00051.html
Common Vulnerability Exposure (CVE) ID: CVE-2019-10649
BugTraq ID: 107645
http://www.securityfocus.com/bid/107645
Debian Security Information: DSA-4712 (Google Search)
https://www.debian.org/security/2020/dsa-4712
https://github.com/ImageMagick/ImageMagick/issues/1533
Common Vulnerability Exposure (CVE) ID: CVE-2019-10650
BugTraq ID: 107646
http://www.securityfocus.com/bid/107646
Bugtraq: 20190429 [SECURITY] [DSA 4436-1] imagemagick security update (Google Search)
https://seclists.org/bugtraq/2019/Apr/37
Debian Security Information: DSA-4436 (Google Search)
https://www.debian.org/security/2019/dsa-4436
https://github.com/ImageMagick/ImageMagick/issues/1532
https://lists.debian.org/debian-lts-announce/2019/05/msg00015.html
SuSE Security Announcement: openSUSE-SU-2019:1331 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00010.html
Common Vulnerability Exposure (CVE) ID: CVE-2019-11470
https://github.com/ImageMagick/ImageMagick/commit/e3cdce6fe12193f235b8c0ae5efe6880a25eb957
https://github.com/ImageMagick/ImageMagick/issues/1472
https://lists.debian.org/debian-lts-announce/2019/10/msg00028.html
SuSE Security Announcement: openSUSE-SU-2019:1603 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00057.html
Common Vulnerability Exposure (CVE) ID: CVE-2019-11472
https://github.com/ImageMagick/ImageMagick/issues/1546
https://github.com/ImageMagick/ImageMagick6/commit/f663dfb8431c97d95682a2b533cca1c8233d21b4
Common Vulnerability Exposure (CVE) ID: CVE-2019-11597
BugTraq ID: 108102
http://www.securityfocus.com/bid/108102
https://github.com/ImageMagick/ImageMagick/issues/1555
SuSE Security Announcement: openSUSE-SU-2019:1795 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00043.html
Common Vulnerability Exposure (CVE) ID: CVE-2019-11598
https://github.com/ImageMagick/ImageMagick/issues/1540
Common Vulnerability Exposure (CVE) ID: CVE-2019-7175
https://github.com/ImageMagick/ImageMagick/commit/1e6a3ace073c9ec9c71e439c111d23c6e66cb6ae
https://github.com/ImageMagick/ImageMagick/issues/1450
Common Vulnerability Exposure (CVE) ID: CVE-2019-7395
BugTraq ID: 106850
http://www.securityfocus.com/bid/106850
https://github.com/ImageMagick/ImageMagick/commit/8a43abefb38c5e29138e1c9c515b313363541c06
https://github.com/ImageMagick/ImageMagick/issues/1451
Common Vulnerability Exposure (CVE) ID: CVE-2019-7396
BugTraq ID: 106849
http://www.securityfocus.com/bid/106849
https://github.com/ImageMagick/ImageMagick/commit/748a03651e5b138bcaf160d15133de2f4b1b89ce
https://github.com/ImageMagick/ImageMagick/issues/1452
Common Vulnerability Exposure (CVE) ID: CVE-2019-7397
BugTraq ID: 106847
http://www.securityfocus.com/bid/106847
http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/11ad3aeb8ab1
https://github.com/ImageMagick/ImageMagick/commit/306c1f0fa5754ca78efd16ab752f0e981d4f6b82
https://github.com/ImageMagick/ImageMagick/issues/1454
Common Vulnerability Exposure (CVE) ID: CVE-2019-7398
BugTraq ID: 106848
http://www.securityfocus.com/bid/106848
https://github.com/ImageMagick/ImageMagick/issues/1453
Common Vulnerability Exposure (CVE) ID: CVE-2019-9956
BugTraq ID: 107546
http://www.securityfocus.com/bid/107546
BugTraq ID: 107672
http://www.securityfocus.com/bid/107672
https://github.com/ImageMagick/ImageMagick/issues/1523
CopyrightCopyright (C) 2019 Greenbone AG

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.



© 1998-2025 E-Soft Inc. All rights reserved.