CVE-2022-44267

Published: 06/02/2023 Updated: 07/11/2023
CVSS v3 Base Score: 6.5 | Impact Score: 3.6 | Exploitability Score: 2.8
VMScore: 0

Vulnerability Summary

An integer overflow issue exists in ImageMagick's ExportIndexQuantum() function in MagickCore/quantum-export.c. Function calls to GetPixelIndex() could result in values outside the range representable by 'unsigned char'. When ImageMagick processes a crafted PDF file, this could lead to undefined behaviour or a crash. (CVE-2021-20224)

A vulnerability was found in ImageMagick. Memory leaks are detected when executing a crafted file with the convert command, affecting availability. (CVE-2021-3574)

A flaw was found in ImageMagick. The vulnerability occurs due to improper use of open functions and leads to a denial of service. This flaw allows a malicious user to crash the system. (CVE-2021-4219)

ImageMagick 7.1.0-27 is vulnerable to Buffer Overflow. (CVE-2022-28463)

A vulnerability was found in ImageMagick, causing a value outside the range of representable values of type 'unsigned char' at coders/psd.c when crafted or untrusted input is processed. This has a negative impact on application availability or causes other problems related to undefined behavior. (CVE-2022-32545)

A vulnerability was found in ImageMagick, causing a value outside the range of representable values of type 'unsigned long' at coders/pcl.c when crafted or untrusted input is processed. This has a negative impact on application availability or causes other problems related to undefined behavior. (CVE-2022-32546)

In ImageMagick, there is a load of a misaligned address for type 'double', which requires 8-byte alignment, and for type 'float', which requires 4-byte alignment, at MagickCore/property.c. Whenever crafted or untrusted input is processed by ImageMagick, this has a negative impact on application availability or causes other problems related to undefined behavior. (CVE-2022-32547)

ImageMagick 7.1.0-49 is vulnerable to Denial of Service. When it parses a PNG image (e.g., for resize), the convert process could be left waiting for stdin input. (CVE-2022-44267)

ImageMagick 7.1.0-49 is vulnerable to Information Disclosure. When it parses a PNG image (e.g., for resize), the resulting image could have embedded the content of an arbitrary file (if the magick binary has permissions to read it). (CVE-2022-44268)

Vulnerable Product

imagemagick imagemagick 7.1.0-49

Vendor Advisories

Debian Bug report logs - #1030767 imagemagick: CVE-2022-44267 CVE-2022-44268. Package: imagemagick; Maintainer for imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@lists.alioth.debian.org>; Source for imagemagick is src:imagemagick (PTS, buildd, popcon). Reported by: Waylon Liu <gliuwr@gmail.com>. Date: Tu ...

Bryan Gonzalez discovered that the PNG support in Imagemagick could be tricked into embedding the content of an arbitrary file when converting an image file. For the stable distribution (bullseye), these problems have been fixed in version 8:6.9.11.60+dfsg-1.3+deb11u1. We recommend that you upgrade your imagemagick packages. For the detailed securi ...

ImageMagick 7.1.0-49 is vulnerable to Denial of Service. When it parses a PNG image (e.g., for resize), the convert process could be left waiting for stdin input. (CVE-2022-44267) ImageMagick 7.1.0-49 is vulnerable to Information Disclosure. When it parses a PNG image (e.g., for resize), the resulting image could have embedded the content of an arb ...

An integer overflow issue was discovered in ImageMagick's ExportIndexQuantum() function in MagickCore/quantum-export.c. Function calls to GetPixelIndex() could result in values outside the range of representable for the 'unsigned char'. When ImageMagick processes a crafted pdf file, this could lead to an undefined behaviour or a crash. (CVE-2021-20 ...

Description: A vulnerability was found in ImageMagick that is triggered when the software parses a PNG image containing a single dash (-) in the filename. To remotely exploit this bug, an attacker can upload a malicious PNG with a text chunk that adds a single dash in the name to any site using ImageMagick. The site would then parse the image, ...

Github Repositories

CVE-2022-44268. ImageMagick is a free and open-source cross-platform software suite for displaying, converting, and editing raster image and vector image files. It can read and write over 200 image file formats. ImageMagick is licensed under the Apache License 2.0. It is available in the form of command-line tools, as well as a C API and a set of C++ classes. Wikipedia ImageMagi

Payload generator and extractor for CVE-2022-44268 written in Python.

CVE-2022-44268. Credit to the researchers who discovered this: Bryan Gonzalez and the Ocelot Team. Create a malicious PNG to take advantage of ImageMagick 7.1.0-40: CVE-2022-44267: Denial of Service; CVE-2022-44268: Information Disclosure. Disclaimer: The author of this project is not responsible for any possible harm caused by the materials of this project. Requirements Pytho