漏洞信息详情
ImageMagick Studio ImageMagick 输入验证错误漏洞
漏洞简介
Imagemagick Studio ImageMagick是美国ImageMagick Studio(Imagemagick Studio)公司的一套开源的图像处理软件。该软件可读取、转换或写入多种格式的图片。
ImageMagick Studio ImageMagick 7.0.8-50之前版本中的coders/cut.c文件的‘ReadCUTImage’函数存在输入验证错误漏洞。该漏洞源于网络系统或产品未对输入的数据进行正确的验证。
漏洞公告
目前厂商已发布升级补丁以修复漏洞,补丁获取链接:
https://github.com/ImageMagick/ImageMagick/issues/1599
参考网址
来源:SUSE
链接:http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html
来源:MLIST
链接:https://lists.debian.org/debian-lts-announce/2019/08/msg00021.html
来源:MISC
链接:https://github.com/ImageMagick/ImageMagick6/commit/1e59b29e520d2beab73e8c78aacd5f1c0d76196d
来源:CONFIRM
链接:https://support.f5.com/csp/article/K20336394?utm_source=f5support&utm_medium=RSS
来源:github.com
链接:https://github.com/ImageMagick/ImageMagick/issues/1599
来源:github.com
链接:https://github.com/ImageMagick/ImageMagick/commit/cdb383749ef7b68a38891440af8cc23e0115306d
来源:DEBIAN
链接:https://www.debian.org/security/2020/dsa-4712
来源:UBUNTU
链接:https://usn.ubuntu.com/4192-1/
来源:MLIST
链接:https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html
来源:www.suse.com
链接:https://www.suse.com/support/update/announcement/2019/suse-su-20192106-1.html
来源:usn.ubuntu.com
链接:https://usn.ubuntu.com/4192-1/
来源:www.suse.com
链接:https://www.suse.com/support/update/announcement/2019/suse-su-20192010-1.html
来源:support.f5.com
链接:https://support.f5.com/csp/article/K20336394
来源:lists.debian.org
链接:https://lists.debian.org/debian-lts-announce/2019/08/msg00021.html
来源:www.ibm.com
链接:https://www.ibm.com/support/pages/node/1274818
来源:nvd.nist.gov
链接:https://nvd.nist.gov/vuln/detail/CVE-2019-13135
来源:source.android.com
链接:https://source.android.com/security/bulletin/pixel/2020-06-01
来源:www.auscert.org.au
链接:https://www.auscert.org.au/bulletins/ESB-2019.4028/
来源:www.auscert.org.au
链接:https://www.auscert.org.au/bulletins/ESB-2019.4338/
来源:www.auscert.org.au
链接:https://www.auscert.org.au/bulletins/ESB-2019.4028.2/
来源:www.auscert.org.au
链接:https://www.auscert.org.au/bulletins/ESB-2020.3057/
来源:www.auscert.org.au
链接:https://www.auscert.org.au/bulletins/ESB-2019.2840/
来源:vigilance.fr
链接:https://vigilance.fr/vulnerability/ImageMagick-five-vulnerabilities-30011
来源:www.auscert.org.au
链接:https://www.auscert.org.au/bulletins/ESB-2019.3066/
来源:www.auscert.org.au
链接:https://www.auscert.org.au/bulletins/ESB-2019.3155/
受影响实体
暂无
补丁
- ImageMagick Studio ImageMagick 缓冲区错误漏洞的修复措施<!--2019-7-1-->
还没有评论,来说两句吧...