CVE-2020-27762
https://notcve.org/view.php?id=CVE-2020-27762
A flaw was found in ImageMagick in coders/hdr.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type `unsigned char`. This would most likely lead to an impact to application availability, but could potentially cause other problems related to undefined behavior. This flaw affects ImageMagick versions prior to ImageMagick 7.0.8-68. Se encontró un fallo en ImageMagick en el archivo coders/hdr.c. • https://bugzilla.redhat.com/show_bug.cgi?id=1894680 https://lists.debian.org/debian-lts-announce/2021/03/msg00030.html https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html • CWE-190: Integer Overflow or Wraparound •
CVE-2020-27763
https://notcve.org/view.php?id=CVE-2020-27763
A flaw was found in ImageMagick in MagickCore/resize.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of math division by zero. This would most likely lead to an impact to application availability, but could potentially cause other problems related to undefined behavior. This flaw affects ImageMagick versions prior to 7.0.8-68. Se encontró un fallo en ImageMagick en el archivo MagickCore/resize.c. • https://bugzilla.redhat.com/show_bug.cgi?id=1894682 https://lists.debian.org/debian-lts-announce/2021/01/msg00010.html https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html • CWE-369: Divide By Zero •
CVE-2020-27764
https://notcve.org/view.php?id=CVE-2020-27764
In /MagickCore/statistic.c, there are several areas in ApplyEvaluateOperator() where a size_t cast should have been a ssize_t cast, which causes out-of-range values under some circumstances when a crafted input file is processed by ImageMagick. Red Hat Product Security marked this as Low severity because although it could potentially lead to an impact to application availability, no specific impact was shown in this case. This flaw affects ImageMagick versions prior to 6.9.10-69. En el archivo /MagickCore/statistic.c, presenta varias áreas en la función ApplyEvaluateOperator() donde una conversión size_t debería haber sido una conversión ssize_t, lo que causa valores fuera de rango bajo algunas circunstancias cuando ImageMagick procesa un archivo de entrada diseñado. Red Hat Product Security marcó esto como de gravedad baja porque, aunque podría generar un impacto en la disponibilidad de la aplicación, ningún impacto específico fue mostrado en este caso. • https://bugzilla.redhat.com/show_bug.cgi?id=1894683 https://github.com/ImageMagick/ImageMagick6/commit/3e21bc8a58b4ae38d24c7e283837cc279f35b6a5 https://lists.debian.org/debian-lts-announce/2021/03/msg00030.html https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html • CWE-190: Integer Overflow or Wraparound •
CVE-2019-19949 – ImageMagick: heap-based buffer over-read in WritePNGImage in coders/png.c
https://notcve.org/view.php?id=CVE-2019-19949
In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer over-read in the function WritePNGImage of coders/png.c, related to Magick_png_write_raw_profile and LocaleNCompare. En ImageMagick versión 7.0.8-43 Q16, se presenta una lectura excesiva de búfer en la región heap de la memoria en la función WritePNGImage del archivo coders/png.c, relacionada con Magick_png_write_raw_profile y LocaleNCompare. An out-of-bounds read was discovered in ImageMagick when writing PNG images. An attacker may abuse this flaw to trick a victim user into downloading a malicious image file and running it through ImageMagick, causing the application to crash. • http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00006.html https://github.com/ImageMagick/ImageMagick/issues/1561 https://lists.debian.org/debian-lts-announce/2019/12/msg00033.html https://lists.debian.org/debian-lts-announce/2020/08/msg00030.html https://usn.ubuntu.com/4549-1 https://www.debian.org/security/2020/dsa-4712 https://access.redhat.com/security/cve/CVE-2019-19949 https://bugzilla.redhat.com/show_bug.cgi?id=1792480 • CWE-125: Out-of-bounds Read •
CVE-2019-17547
https://notcve.org/view.php?id=CVE-2019-17547
In ImageMagick before 7.0.8-62, TraceBezier in MagickCore/draw.c has a use-after-free. En ImageMagick versiones anteriores a 7.0.8-62, la función TraceBezier en el archivo MagickCore/draw.c presenta una vulnerabilidad de uso de la memoria previamente liberada. • https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16537 https://github.com/ImageMagick/ImageMagick/commit/ecf7c6b288e11e7e7f75387c5e9e93e423b98397 https://github.com/ImageMagick/ImageMagick/compare/7.0.8-51...7.0.8-62 • CWE-416: Use After Free •