Published: 26/06/2019 Updated: 19/08/2020

CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6

CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8

VMScore: 605

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

It exists that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service or possibly execute code with the privileges of the user invoking the program.

Vulnerable Product	Search on Vulmon	Subscribe to Product
imagemagick imagemagick 7.0.8-34

Several security issues were fixed in ImageMagick ...

Debian Bug report logs - #931191 imagemagick: CVE-2019-12977 Package: src:imagemagick; Maintainer for src:imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Thu, 27 Jun 2019 19:09:01 UTC Severity: important Tags: securit ...

This update fixes multiple vulnerabilities in Imagemagick: Various memory handling problems and cases of missing or incomplete input sanitising may result in denial of service, memory disclosure or potentially the execution of arbitrary code if malformed image files are processed For the stable distribution (buster), these problems have been fixed ...

CWE-665 https://github.com/ImageMagick/ImageMagick/issues/1518 http://www.securityfocus.com/bid/108913 http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html https://usn.ubuntu.com/4192-1/https://www.debian.org/security/2020/dsa-4712 https://lists.debian.org/debian-lts-announce/2020/08/msg00030.html https://usn.ubuntu.com/4192-1/https://nvd.nist.gov

CVE-2019-12977

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect