[Forgot Password]
Login  Register Subscribe

30430

 
 

423868

 
 

247862

 
 

909

 
 

194603

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2019-13135Date: (C)2019-07-03   (M)2024-04-04


ImageMagick before 7.0.8-50 has a "use of uninitialized value" vulnerability in the function ReadCUTImage in coders/cut.c.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V3 Severity:CVSS V2 Severity:
CVSS Score : 8.8CVSS Score : 6.8
Exploit Score: 2.8Exploit Score: 8.6
Impact Score: 5.9Impact Score: 6.4
 
CVSS V3 Metrics:CVSS V2 Metrics:
Attack Vector: NETWORKAccess Vector: NETWORK
Attack Complexity: LOWAccess Complexity: MEDIUM
Privileges Required: NONEAuthentication: NONE
User Interaction: REQUIREDConfidentiality: PARTIAL
Scope: UNCHANGEDIntegrity: PARTIAL
Confidentiality: HIGHAvailability: PARTIAL
Integrity: HIGH 
Availability: HIGH 
  
Reference:
DSA-4712
USN-4192-1
https://lists.debian.org/debian-lts-announce/2019/08/msg00021.html
https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html
https://github.com/ImageMagick/ImageMagick/commit/cdb383749ef7b68a38891440af8cc23e0115306d
https://github.com/ImageMagick/ImageMagick/issues/1599
https://github.com/ImageMagick/ImageMagick6/commit/1e59b29e520d2beab73e8c78aacd5f1c0d76196d
https://support.f5.com/csp/article/K20336394
https://support.f5.com/csp/article/K20336394?utm_source=f5support&%3Butm_medium=RSS
openSUSE-SU-2019:1983

CPE    5
cpe:/o:debian:debian_linux:9.0
cpe:/o:debian:debian_linux:8.0
cpe:/o:canonical:ubuntu_linux:18.04::~~lts~~~
cpe:/a:imagemagick:imagemagick
...
OVAL    24
oval:org.secpod.oval:def:89050770
oval:org.secpod.oval:def:1601771
oval:org.secpod.oval:def:1601770
oval:org.secpod.oval:def:1902203
...

© SecPod Technologies