Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 454
Alerts This Week
Warning Icon 1 454

Debian LTS: DLA-1795-1 Critical: graphicsmagick Buffer Overflow Issues

debian lts
Calendar Grey May 20, 2019
Dist Debian Esm H88
Package : graphicsmagick Version : 1.3.20-3+deb8u7 CVE ID : CVE-2019-11473 CVE-2019-11474 CVE-2019-1
Multiple vulnerabilities have been discovered in graphicsmagick, the image processing toolkit: CVE-2019-11473

Summary

The WriteMATLABImage function (coders/mat.c) is affected by a heap-based
buffer overflow. Remote attackers might leverage this vulnerability to
cause denial of service or any other unspecified impact via crafted Matlab
matrices.

CVE-2019-11474

The WritePDBImage function (coders/pdb.c) is affected by a heap-based
buffer overflow. Remote attackers might leverage this vulnerability to
cause denial of service or any other unspecified impact via a crafted Palm
Database file.

CVE-2019-11505
CVE-2019-11506

The XWD module (coders/xwd.c) is affected by multiple heap-based
buffer overflows and arithmetic exceptions. Remote attackers might leverage
these various flaws to cause denial of service or any other unspecified
impact via crafted XWD files.

For Debian 8 "Jessie", these problems have been fixed in version
1.3.20-3+deb8u7.

We recommend that you upgrade your graphicsmagick packages.

Further information about Debian LTS security advisories, how to apply

Read the Full Advisory


Severity
critical
Lowest
Low
Medium
High
Critical

Package: graphicsmagick
Version: 1.3.20-3+deb8u7
CVE ID: CVE-2019-11473 CVE-2019-11474 CVE-2019-11505 CVE-2019-11506

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.