CVE-2019-10131
ImageMagick: off-by-one read in formatIPTCfromBuffer function in coders/meta.c
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
An off-by-one read vulnerability was discovered in ImageMagick before version 7.0.7-28 in the formatIPTCfromBuffer function in coders/meta.c. A local attacker may use this flaw to read beyond the end of the buffer or to crash the program.
Se encontró una vulnerabilidad de lectura off-by-one en ImageMagick anterior a la versión 7.0.7-28 en la función formatIPTCfromBuffer en coders/meta.c. Un atacante local puede utilizar este fallo para leer más allá del final del búfer o para bloquear el programa.
An off-by-one read vulnerability was discovered in ImageMagick in the formatIPTCfromBuffer function in coders/meta.c. A local attacker may use this flaw to read beyond the end of the buffer or to crash the program.
It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service or execute code with the privileges of the user invoking the program.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2019-03-27 CVE Reserved
- 2019-04-30 CVE Published
- 2024-08-04 CVE Updated
- 2025-03-30 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-193: Off-by-one Error
CAPEC
References (9)
| URL | Tag | Source |
|---|---|---|
| http://www.securityfocus.com/bid/108117 | Broken Link | |
| https://lists.debian.org/debian-lts-announce/2020/08/msg00030.html | Mailing List |
|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10131 | 2021-10-28 | |
| https://github.com/ImageMagick/ImageMagick/commit/cb1214c124e1bd61f7dd551b94a794864861592e | 2021-10-28 |
| URL | Date | SRC |
|---|---|---|
| http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00051.html | 2021-10-28 | |
| http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00001.html | 2021-10-28 | |
| https://usn.ubuntu.com/4034-1 | 2021-10-28 | |
| https://access.redhat.com/security/cve/CVE-2019-10131 | 2020-03-31 | |
| https://bugzilla.redhat.com/show_bug.cgi?id=1704762 | 2020-03-31 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Imagemagick Search vendor "Imagemagick" | Imagemagick Search vendor "Imagemagick" for product "Imagemagick" | < 6.9.9-40 Search vendor "Imagemagick" for product "Imagemagick" and version " < 6.9.9-40" | - |
Affected
| ||||||
| Imagemagick Search vendor "Imagemagick" | Imagemagick Search vendor "Imagemagick" for product "Imagemagick" | >= 7.0.0-0 < 7.0.7-28 Search vendor "Imagemagick" for product "Imagemagick" and version " >= 7.0.0-0 < 7.0.7-28" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Enterprise Linux Search vendor "Redhat" for product "Enterprise Linux" | 7.0 Search vendor "Redhat" for product "Enterprise Linux" and version "7.0" | - |
Affected
| ||||||
| Debian Search vendor "Debian" | Debian Linux Search vendor "Debian" for product "Debian Linux" | 9.0 Search vendor "Debian" for product "Debian Linux" and version "9.0" | - |
Affected
| ||||||
| Canonical Search vendor "Canonical" | Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux" | 16.04 Search vendor "Canonical" for product "Ubuntu Linux" and version "16.04" | lts |
Affected
| ||||||
| Canonical Search vendor "Canonical" | Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux" | 18.04 Search vendor "Canonical" for product "Ubuntu Linux" and version "18.04" | lts |
Affected
| ||||||
| Canonical Search vendor "Canonical" | Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux" | 18.10 Search vendor "Canonical" for product "Ubuntu Linux" and version "18.10" | - |
Affected
| ||||||
| Canonical Search vendor "Canonical" | Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux" | 19.04 Search vendor "Canonical" for product "Ubuntu Linux" and version "19.04" | - |
Affected
| ||||||
| Opensuse Search vendor "Opensuse" | Leap Search vendor "Opensuse" for product "Leap" | 42.3 Search vendor "Opensuse" for product "Leap" and version "42.3" | - |
Affected
| ||||||