CVE-2017-16353
Published 2017-11-01
Priority: P348 · medium · 6.5 (CVSS 3.0)
Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
EXPLOIT
EPSS: 13.68% (96.0th percentile)
GraphicsMagick 1.3.26 is vulnerable to a memory information disclosure vulnerability found in the DescribeImage function of the magick/describe.c file, because of a heap-based buffer over-read. The portion of the code containing the vulnerability is responsible for printing the IPTC Profile information contained in the image. This vulnerability can be triggered with a specially crafted MIFF file. There is an out-of-bounds buffer dereference because certain increments are never checked.
Affected
9 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | debian_linux | — | — |
| debian | debian_linux | — | — |
| debian | debian_linux | — | — |
| debian | graphicsmagick | < graphicsmagick 1.3.26-17 (bookworm) | graphicsmagick 1.3.26-17 (bookworm) |
| graphicsmagick | graphicsmagick | — | — |
| graphicsmagick | graphicsmagick | >= 0 < 1.3.26-17 | 1.3.26-17 |
| graphicsmagick | graphicsmagick | >= 0 < 1.3.26-17 | 1.3.26-17 |
| graphicsmagick | graphicsmagick | >= 0 < 1.3.26-17 | 1.3.26-17 |
| graphicsmagick | graphicsmagick | >= 0 < 1.3.26-17 | 1.3.26-17 |
CVSS provenance
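| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.0 | 6.5 | MEDIUM | CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N |
| nvd | v2.0 | 4.3 | MEDIUM | AV:N/AC:M/Au:N/C:P/I:N/A:N |
| osv | — | 6.5 | MEDIUM | — |
| vendor_debian | — | 6.5 | MEDIUM | — |
| vendor_redhat | — | 6.5 | MEDIUM | — |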
Ubuntu
GraphicsMagick vulnerabilities
vendor_ubuntu·2020-01-08
CVE-2017-14165 GraphicsMagick vulnerabilities
Title: GraphicsMagick vulnerabilities
Summary: Several security issues were fixed in GraphicsMagick.
It was discovered that GraphicsMagick incorrectly handled certain image files.
An attacker could possibly use this issue to cause a denial of service or other
unspecified impact.
Instructions: In general, a standard system update will make all the necessary changes.
Red Hat
GraphicsMagick: memory information disclosure in DescribeImage function in magick/describe.c
vendor_redhat·2017-11-01·CVSS 6.5
CVE-2017-16353 [MEDIUM] CWE-200 GraphicsMagick: memory information disclosure in DescribeImage function in magick/describe.c
Package: ImageMagick (Red Hat Enterprise Linux 5) - Will not fix
Package: ImageMagick (Red Hat Enterprise Linux 6) - Will not fix
Package: ImageMagick (Red Hat Enterprise Linux 7) - Will not fix
Debian
CVE-2017-16353: graphicsmagick - GraphicsMagick 1.3.26 is vulnerable to a memory information disclosure vulnerabi...
vendor_debian·2017·CVSS 6.5
CVE-2017-16353 [MEDIUM] CVE-2017-16353: graphicsmagick - GraphicsMagick 1.3.26 is vulnerable to a memory information disclosure vulnerabi...
Scope: local
bookworm: resolved (fixed in 1.3.26-17)
bullseye: resolved (fixed in 1.3.26-17)
forky: resolved (fixed in 1.3.26-17)
sid: resolved (fixed in 1.3.26-17)
trixie: resolved (fixed in 1.3.26-17)
GHSA
GHSA-whcq-5grp-h63j: GraphicsMagick 1
ghsa_unreviewed·2022-05-24
CVE-2017-16353 [MEDIUM] CWE-200 GHSA-whcq-5grp-h63j: GraphicsMagick 1
OSV
CVE-2017-16353: GraphicsMagick 1
osv·2017-11-01·CVSS 6.5
CVE-2017-16353 [MEDIUM] CVE-2017-16353: GraphicsMagick 1
No detection rules found.
Bugzilla
CVE-2017-16353 GraphicsMagick: ImageMagick, GraphicsMagick: memory information disclosure in DescribeImage function in magick/describe.c [fedora-all]
bugzilla·2017-11-20·CVSS 6.5
CVE-2017-16353 [MEDIUM] CVE-2017-16353 GraphicsMagick: ImageMagick, GraphicsMagick: memory information disclosure in DescribeImage function in magick/describe.c [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of fedora-all.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedp
Bugzilla
CVE-2017-16353 ImageMagick, GraphicsMagick: memory information disclosure in DescribeImage function in magick/describe.c
bugzilla·2017-11-10·CVSS 6.5
CVE-2017-16353 [MEDIUM] CVE-2017-16353 ImageMagick, GraphicsMagick: memory information disclosure in DescribeImage function in magick/describe.c
GraphicsMagick 1.3.26 is vulnerable to a memory information disclosure vulnerability found in the DescribeImage function of the magick/describe.c file, because of a heap-based buffer over-read. The portion of the code containing the vulnerability is responsible for printing the IPTC Profile information contained in the image. This vulnerability can be triggered with a specially crafted MIFF file. There is an out-of-bounds buffer dereference because certain increments are never checked. GM has it in magick/image.c and IM has it in magick/identify.c
Upstream patch:
http://hg.graphicsmagick.org/hg/GraphicsMagick?cmd=changeset;node=e4e1c2a581d8
References:
https://blogs
Bugzilla
CVE-2017-16353 ImageMagick: ImageMagick, GraphicsMagick: memory information disclosure in DescribeImage function in magick/describe.c [fedora-all]
bugzilla·2017-11-10·CVSS 6.5
CVE-2017-16353 [MEDIUM] CVE-2017-16353 ImageMagick: ImageMagick, GraphicsMagick: memory information disclosure in DescribeImage function in magick/describe.c [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of fedora-all.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg
Bugzilla
CVE-2017-16353 GraphicsMagick: ImageMagick, GraphicsMagick: memory information disclosure in DescribeImage function in magick/describe.c [epel-all]
bugzilla·2017-11-10·CVSS 6.5
CVE-2017-16353 [MEDIUM] CVE-2017-16353 GraphicsMagick: ImageMagick, GraphicsMagick: memory information disclosure in DescribeImage function in magick/describe.c [epel-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of epel-all.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg c
References:
ftp://ftp.graphicsmagick.org/pub/GraphicsMagick/snapshots/ChangeLog.txt
http://hg.graphicsmagick.org/hg/GraphicsMagick?cmd=changeset%3Bnode=e4e1c2a581d8
http://www.securityfocus.com/bid/101653
https://blogs.securiteam.com/index.php/archives/3494
https://lists.debian.org/debian-lts-announce/2017/11/msg00002.html
https://lists.debian.org/debian-lts-announce/2018/06/msg00009.html
https://usn.ubuntu.com/4232-1/
https://www.debian.org/security/2018/dsa-4321
https://www.exploit-db.com/exploits/43111/
Published: 2017-11-01