Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2019-2024 and is owned by Tenable, Inc. or an Affiliate thereof.SUSE_SU-2019-2010-1.NASL
HistoryAug 12, 2019 - 12:00 a.m.

SUSE SLED12 / SLES12 Security Update : ImageMagick (SUSE-SU-2019:2010-1)

2019-08-1200:00:00
This script is Copyright (C) 2019-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
16

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

7.9 High

AI Score

Confidence

High

0.012 Low

EPSS

Percentile

85.3%

JSON

This update for ImageMagick fixes the following issues :

CVE-2019-13301: Fixed a memory leak in AcquireMagickMemory() (bsc#1140554).

CVE-2019-13310: Fixed a memory leak at AcquireMagickMemory because of an error in MagickWand/mogrify.c (bsc#1140501).

CVE-2019-13311: Fixed a memory leak at AcquireMagickMemory because of a wand/mogrify.c error (bsc#1140513).

CVE-2019-13454: Fixed a division by zero in RemoveDuplicateLayers in MagickCore/layer.c (bsc#1141171).

CVE-2019-13295: Fixed a heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage (bsc#1140664).

CVE-2019-13297: Fixed a heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage (bsc#1140666).

CVE-2019-12979: Fixed the use of uninitialized values in SyncImageSettings() (bsc#1139886).

CVE-2019-13391: Fixed a heap-based buffer over-read in MagickCore/fourier.c (bsc#1140673).

CVE-2019-13308: Fixed a heap-based buffer overflow in MagickCore/fourier.c (bsc#1140534).

CVE-2019-13300: Fixed a heap-based buffer overflow at MagickCore/statistic.c in EvaluateImages (bsc#1140669).

CVE-2019-13307: Fixed a heap-based buffer overflow at MagickCore/statistic.c (bsc#1140538).

CVE-2019-12975: Fixed a memory leak in the WriteDPXImage() in coders/dpx.c (bsc#1140106).

CVE-2019-13135: Fixed the use of uninitialized values in ReadCUTImage() (bsc#1140103).

CVE-2019-12978: Fixed the use of uninitialized values in ReadPANGOImage() (bsc#1139885).

CVE-2019-12974: Fixed a NULL pointer dereference in the ReadPANGOImage() (bsc#1140111).

CVE-2019-13133: Fixed a memory leak in the ReadBMPImage() (bsc#1140100).

CVE-2019-13134: Fixed a memory leak in the ReadVIFFImage() (bsc#1140102).

CVE-2019-12976: Fixed a memory leak in the ReadPCLImage() in coders/pcl.c(bsc#1140110).

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from SUSE update advisory SUSE-SU-2019:2010-1.
# The text itself is copyright (C) SUSE.
#

include('compat.inc');

if (description)
{
  script_id(127750);
  script_version("1.7");
  script_set_attribute(attribute:"plugin_modification_date", value:"2024/05/06");

  script_cve_id(
    "CVE-2019-12974",
    "CVE-2019-12975",
    "CVE-2019-12976",
    "CVE-2019-12978",
    "CVE-2019-12979",
    "CVE-2019-13133",
    "CVE-2019-13134",
    "CVE-2019-13135",
    "CVE-2019-13295",
    "CVE-2019-13297",
    "CVE-2019-13300",
    "CVE-2019-13301",
    "CVE-2019-13307",
    "CVE-2019-13308",
    "CVE-2019-13310",
    "CVE-2019-13311",
    "CVE-2019-13391",
    "CVE-2019-13454"
  );
  script_xref(name:"IAVB", value:"2019-B-0062-S");

  script_name(english:"SUSE SLED12 / SLES12 Security Update : ImageMagick (SUSE-SU-2019:2010-1)");

  script_set_attribute(attribute:"synopsis", value:
"The remote SUSE host is missing one or more security updates.");
  script_set_attribute(attribute:"description", value:
"This update for ImageMagick fixes the following issues :

CVE-2019-13301: Fixed a memory leak in AcquireMagickMemory()
(bsc#1140554).

CVE-2019-13310: Fixed a memory leak at AcquireMagickMemory because of
an error in MagickWand/mogrify.c (bsc#1140501).

CVE-2019-13311: Fixed a memory leak at AcquireMagickMemory because of
a wand/mogrify.c error (bsc#1140513).

CVE-2019-13454: Fixed a division by zero in RemoveDuplicateLayers in
MagickCore/layer.c (bsc#1141171).

CVE-2019-13295: Fixed a heap-based buffer over-read at
MagickCore/threshold.c in AdaptiveThresholdImage (bsc#1140664).

CVE-2019-13297: Fixed a heap-based buffer over-read at
MagickCore/threshold.c in AdaptiveThresholdImage (bsc#1140666).

CVE-2019-12979: Fixed the use of uninitialized values in
SyncImageSettings() (bsc#1139886).

CVE-2019-13391: Fixed a heap-based buffer over-read in
MagickCore/fourier.c (bsc#1140673).

CVE-2019-13308: Fixed a heap-based buffer overflow in
MagickCore/fourier.c (bsc#1140534).

CVE-2019-13300: Fixed a heap-based buffer overflow at
MagickCore/statistic.c in EvaluateImages (bsc#1140669).

CVE-2019-13307: Fixed a heap-based buffer overflow at
MagickCore/statistic.c (bsc#1140538).

CVE-2019-12975: Fixed a memory leak in the WriteDPXImage() in
coders/dpx.c (bsc#1140106).

CVE-2019-13135: Fixed the use of uninitialized values in
ReadCUTImage() (bsc#1140103).

CVE-2019-12978: Fixed the use of uninitialized values in
ReadPANGOImage() (bsc#1139885).

CVE-2019-12974: Fixed a NULL pointer dereference in the
ReadPANGOImage() (bsc#1140111).

CVE-2019-13133: Fixed a memory leak in the ReadBMPImage()
(bsc#1140100).

CVE-2019-13134: Fixed a memory leak in the ReadVIFFImage()
(bsc#1140102).

CVE-2019-12976: Fixed a memory leak in the ReadPCLImage() in
coders/pcl.c(bsc#1140110).

Note that Tenable Network Security has extracted the preceding
description block directly from the SUSE security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1139885");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1139886");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1140100");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1140102");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1140103");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1140106");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1140110");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1140111");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1140501");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1140513");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1140534");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1140538");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1140554");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1140664");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1140666");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1140669");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1140673");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1141171");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2019-12974/");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2019-12975/");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2019-12976/");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2019-12978/");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2019-12979/");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2019-13133/");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2019-13134/");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2019-13135/");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2019-13295/");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2019-13297/");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2019-13300/");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2019-13301/");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2019-13307/");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2019-13308/");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2019-13310/");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2019-13311/");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2019-13391/");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2019-13454/");
  # https://www.suse.com/support/update/announcement/2019/suse-su-20192010-1/
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?9cb8fdd2");
  script_set_attribute(attribute:"solution", value:
"To install this SUSE Security Update use the SUSE recommended
installation methods like YaST online_update or 'zypper patch'.

Alternatively you can run the command listed for your product :

SUSE Linux Enterprise Workstation Extension 12-SP4:zypper in -t patch
SUSE-SLE-WE-12-SP4-2019-2010=1

SUSE Linux Enterprise Software Development Kit 12-SP4:zypper in -t
patch SUSE-SLE-SDK-12-SP4-2019-2010=1

SUSE Linux Enterprise Server 12-SP4:zypper in -t patch
SUSE-SLE-SERVER-12-SP4-2019-2010=1

SUSE Linux Enterprise Desktop 12-SP4:zypper in -t patch
SUSE-SLE-DESKTOP-12-SP4-2019-2010=1");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2019-13391");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2019/06/26");
  script_set_attribute(attribute:"patch_publication_date", value:"2019/07/29");
  script_set_attribute(attribute:"plugin_publication_date", value:"2019/08/12");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:ImageMagick");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:ImageMagick-config-6-SUSE");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:ImageMagick-config-6-upstream");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:ImageMagick-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:ImageMagick-debugsource");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libMagick++-6_Q16");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libMagick++-6_Q16-3-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libMagickCore-6_Q16");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libMagickCore-6_Q16-1");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libMagickCore-6_Q16-1-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libMagickWand-6_Q16");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libMagickWand-6_Q16-1-debuginfo");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:12");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_set_attribute(attribute:"stig_severity", value:"II");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"SuSE Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2019-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release !~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "SUSE");
os_ver = pregmatch(pattern: "^(SLE(S|D)\d+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "SUSE");
os_ver = os_ver[1];
if (! preg(pattern:"^(SLED12|SLES12)$", string:os_ver)) audit(AUDIT_OS_NOT, "SUSE SLED12 / SLES12", "SUSE " + os_ver);

if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SUSE " + os_ver, cpu);

sp = get_kb_item("Host/SuSE/patchlevel");
if (isnull(sp)) sp = "0";
if (os_ver == "SLES12" && (! preg(pattern:"^(4)$", string:sp))) audit(AUDIT_OS_NOT, "SLES12 SP4", os_ver + " SP" + sp);
if (os_ver == "SLED12" && (! preg(pattern:"^(4)$", string:sp))) audit(AUDIT_OS_NOT, "SLED12 SP4", os_ver + " SP" + sp);


flag = 0;
if (rpm_check(release:"SLES12", sp:"4", reference:"ImageMagick-config-6-SUSE-6.8.8.1-71.126.1")) flag++;
if (rpm_check(release:"SLES12", sp:"4", reference:"ImageMagick-config-6-upstream-6.8.8.1-71.126.1")) flag++;
if (rpm_check(release:"SLES12", sp:"4", reference:"ImageMagick-debuginfo-6.8.8.1-71.126.1")) flag++;
if (rpm_check(release:"SLES12", sp:"4", reference:"ImageMagick-debugsource-6.8.8.1-71.126.1")) flag++;
if (rpm_check(release:"SLES12", sp:"4", reference:"libMagickCore-6_Q16-1-6.8.8.1-71.126.1")) flag++;
if (rpm_check(release:"SLES12", sp:"4", reference:"libMagickCore-6_Q16-1-debuginfo-6.8.8.1-71.126.1")) flag++;
if (rpm_check(release:"SLES12", sp:"4", reference:"libMagickWand-6_Q16-1-6.8.8.1-71.126.1")) flag++;
if (rpm_check(release:"SLES12", sp:"4", reference:"libMagickWand-6_Q16-1-debuginfo-6.8.8.1-71.126.1")) flag++;
if (rpm_check(release:"SLED12", sp:"4", cpu:"x86_64", reference:"ImageMagick-6.8.8.1-71.126.1")) flag++;
if (rpm_check(release:"SLED12", sp:"4", cpu:"x86_64", reference:"ImageMagick-config-6-SUSE-6.8.8.1-71.126.1")) flag++;
if (rpm_check(release:"SLED12", sp:"4", cpu:"x86_64", reference:"ImageMagick-config-6-upstream-6.8.8.1-71.126.1")) flag++;
if (rpm_check(release:"SLED12", sp:"4", cpu:"x86_64", reference:"ImageMagick-debuginfo-6.8.8.1-71.126.1")) flag++;
if (rpm_check(release:"SLED12", sp:"4", cpu:"x86_64", reference:"ImageMagick-debugsource-6.8.8.1-71.126.1")) flag++;
if (rpm_check(release:"SLED12", sp:"4", cpu:"x86_64", reference:"libMagick++-6_Q16-3-6.8.8.1-71.126.1")) flag++;
if (rpm_check(release:"SLED12", sp:"4", cpu:"x86_64", reference:"libMagick++-6_Q16-3-debuginfo-6.8.8.1-71.126.1")) flag++;
if (rpm_check(release:"SLED12", sp:"4", cpu:"x86_64", reference:"libMagickCore-6_Q16-1-32bit-6.8.8.1-71.126.1")) flag++;
if (rpm_check(release:"SLED12", sp:"4", cpu:"x86_64", reference:"libMagickCore-6_Q16-1-6.8.8.1-71.126.1")) flag++;
if (rpm_check(release:"SLED12", sp:"4", cpu:"x86_64", reference:"libMagickCore-6_Q16-1-debuginfo-32bit-6.8.8.1-71.126.1")) flag++;
if (rpm_check(release:"SLED12", sp:"4", cpu:"x86_64", reference:"libMagickCore-6_Q16-1-debuginfo-6.8.8.1-71.126.1")) flag++;
if (rpm_check(release:"SLED12", sp:"4", cpu:"x86_64", reference:"libMagickWand-6_Q16-1-6.8.8.1-71.126.1")) flag++;
if (rpm_check(release:"SLED12", sp:"4", cpu:"x86_64", reference:"libMagickWand-6_Q16-1-debuginfo-6.8.8.1-71.126.1")) flag++;


if (flag)
{
  if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
  else security_warning(0);
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "ImageMagick");
}
VendorProductVersionCPE
novellsuse_linux12cpe:/o:novell:suse_linux:12
novellsuse_linuximagemagickp-cpe:/a:novell:suse_linux:imagemagick
novellsuse_linuximagemagick-debuginfop-cpe:/a:novell:suse_linux:imagemagick-debuginfo
novellsuse_linuximagemagick-debugsourcep-cpe:/a:novell:suse_linux:imagemagick-debugsource
novellsuse_linuxlibmagickcore-6_q16p-cpe:/a:novell:suse_linux:libmagickcore-6_q16
novellsuse_linuxlibmagickcore-6_q16-1p-cpe:/a:novell:suse_linux:libmagickcore-6_q16-1
novellsuse_linuxlibmagickcore-6_q16-1-debuginfop-cpe:/a:novell:suse_linux:libmagickcore-6_q16-1-debuginfo
novellsuse_linuxlibmagickwand-6_q16p-cpe:/a:novell:suse_linux:libmagickwand-6_q16
novellsuse_linuxlibmagickwand-6_q16-1-debuginfop-cpe:/a:novell:suse_linux:libmagickwand-6_q16-1-debuginfo
novellsuse_linuximagemagick-config-6-susep-cpe:/a:novell:suse_linux:imagemagick-config-6-suse
Rows per page:
1-10 of 131

References

Related

openvas 23
nessus 15
suse 1
cloudfoundry 1
ubuntu 1
ubuntucve 15
debian 2
osv 14
ibm 4
cve 15
redhatcve 16
nvd 16
prion 15
cvelist 16
alpinelinux 11
veracode 17
f5 1
debiancve 16
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2019:2010-1)
2021-06-09 00:00:00
Huawei EulerOS: Security Advisory for ImageMagick (EulerOS-SA-2019-1889)
2020-01-23 00:00:00
openSUSE: Security Advisory for ImageMagick (openSUSE-SU-2019:1983-1)
2019-08-22 00:00:00
nessus
nessus
EulerOS 2.0 SP5 : ImageMagick (EulerOS-SA-2019-1889)
2019-09-16 00:00:00
SUSE SLED15 / SLES15 Security Update : ImageMagick (SUSE-SU-2019:2106-1)
2019-08-12 00:00:00
openSUSE Security Update : ImageMagick (openSUSE-2019-1983)
2019-08-22 00:00:00
suse
suse
Security update for ImageMagick (moderate)
2019-08-21 00:00:00
cloudfoundry
cloudfoundry
USN-4192-1: ImageMagick vulnerabilities | Cloud Foundry
2019-11-18 00:00:00
ubuntu
ubuntu
ImageMagick vulnerabilities
2019-11-14 00:00:00
ubuntucve
ubuntucve
CVE-2019-13391
2019-07-07 00:00:00
CVE-2019-13308
2019-07-05 00:00:00
CVE-2019-12978
2019-06-26 00:00:00
debian
debian
[SECURITY] [DLA 1888-1] imagemagick security update
2019-08-16 14:14:20
[SECURITY] [DSA 4712-1] imagemagick security update
2020-06-30 20:31:53
osv
osv
imagemagick - security update
2019-08-16 00:00:00
imagemagick - security update
2020-06-30 00:00:00
CVE-2019-12979
2019-06-26 18:15:10
ibm
ibm
Security Bulletin: IBM Integration Bus Hyper visor Edition V9.0 require customer action for security vulnerabilities in Red Hat Linux
2020-01-21 09:01:17
Security Bulletin: IBM Integration Bus Hyper visor Edition V9.0 require customer action for security vulnerabilities in Red Hat Linux
2020-01-21 08:53:12
Security Bulletin: IBM Integration Bus Hyper visor Edition V9.0 require customer action for security vulnerabilities in Red Hat Linux
2020-01-21 09:05:12
cve
cve
CVE-2019-12975
2019-06-26 18:15:10
CVE-2019-13308
2019-07-05 01:15:10
CVE-2019-13454
2019-07-09 17:15:11
redhatcve
redhatcve
CVE-2019-12975
2019-07-23 06:58:45
CVE-2019-13391
2019-07-08 05:51:29
CVE-2019-13308
2019-07-16 14:24:51
nvd
nvd
CVE-2019-12975
2019-06-26 18:15:10
CVE-2019-13391
2019-07-07 22:15:10
CVE-2019-12974
2019-06-26 18:15:10
prion
prion
Heap overflow
2019-07-07 22:15:00
Design/Logic Flaw
2019-07-01 20:15:00
Memory corruption
2019-07-01 20:15:00
cvelist
cvelist
CVE-2019-13391
2019-07-07 21:16:44
CVE-2019-13308
2019-07-05 00:53:43
CVE-2019-13310
2019-07-05 00:53:57
alpinelinux
alpinelinux
CVE-2019-13308
2019-07-05 01:15:10
CVE-2019-13133
2019-07-01 20:15:11
CVE-2019-13311
2019-07-05 01:15:10
veracode
veracode
Denial Of Service (DoS)
2020-03-27 13:17:01
Arbitrary Code Execution
2020-05-10 23:22:34
Denial Of Service (DoS)
2019-07-02 03:40:53
f5
f5
K20336394 : ImageMagick vulnerability CVE-2019-13135
2019-10-08 00:00:00
debiancve
debiancve
CVE-2019-12974
2019-06-26 18:15:10
CVE-2019-13311
2019-07-05 01:15:10
CVE-2019-12975
2019-06-26 18:15:10

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

7.9 High

AI Score

Confidence

High

0.012 Low

EPSS

Percentile

85.3%

JSON
Related for SUSE_SU-2019-2010-1.NASL
openvas23nessus15suse1cloudfoundry1ubuntu1ubuntucve15debian2osv14ibm4cve15redhatcve16nvd16prion15cvelist16alpinelinux11veracode17f51debiancve16