Detections
Analytics
ImageMagick < 6.7.8-8 gif.c Memory Corruption
medium Nessus Plugin ID 70739
Language:
Synopsis
The remote Windows host contains an application that is affected by a memory corruption vulnerability.Description
The remote Windows host is running a version of ImageMagick prior to version 6.7.8-8. It is, therefore, affected by a memory corruption vulnerability in 'gif.c' while processing GIF comments because a null character is used to terminate comments. Exploitation of this issue could result in a denial of service or arbitrary code execution. To fix this issue, raw memory handling is replaced with a 'ConcatenateString' function.Solution
Upgrade to ImageMagick 6.7.8-8 or later.Note that you may need to manually uninstall the vulnerable version from the system.
See Also
http://www.imagemagick.org/script/changelog.php
https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1218248
http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=23921
https://seclists.org/oss-sec/2013/q3/532
http://www.imagemagick.org/discourse-server/viewtopic.php?f=4&t=24081
Plugin Details
Severity: Medium
ID: 70739
File Name: imagemagick_6_7_8_8.nasl
Version: 1.9
Type: local
Agent: windows
Family: Windows
Published: 11/4/2013
Updated: 6/4/2024
Supported Sensors: Nessus Agent, Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 4.4
CVSS v2
Risk Factor: Medium
Base Score: 4.3
Temporal Score: 3.2
Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P
CVSS Score Source: CVE-2013-4298
Vulnerability Information
CPE: cpe:/a:imagemagick:imagemagick
Required KB Items: installed_sw/ImageMagick
Exploit Ease: No known exploits are available
Patch Publication Date: 8/5/2012
Vulnerability Publication Date: 8/15/2013
Reference Information
CVE: CVE-2013-4298
BID: 62080