Download
| Alert*
oval:org.secpod.oval:def:61732
The host is installed with ImageMagick before 7.0.8-50 and is prone to an integer overflow vulnerability. The flaws are present in the function TIFFSeekCustomStream in coders/tiff.c, which fails to handle unspecified vectors. Successful exploitation could allows an attackers to cause integer overflo ... oval:org.secpod.oval:def:89050770 This update for ImageMagick fixes the following issues: - CVE-2019-13301: Fixed a memory leak in AcquireMagickMemory . - CVE-2019-13309: Fixed a memory leak at AcquireMagickMemory due to mishandling the NoSuchImage error in CLIListOperatorImages . - CVE-2019-13310: Fixed a memory leak at AcquireMagi ... oval:org.secpod.oval:def:2104629 In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer over-read in the function WriteTIFFImage of coders/tiff.c, which allows an attacker to cause a denial of service or possibly information disclosure via a crafted image file. oval:org.secpod.oval:def:2104625 ImageMagick 7.0.8-54 Q16 allows Division by Zero in RemoveDuplicateLayers in MagickCore/layer.c. |