QwikSec

Security Database

CVE

CWE

Training

CVE-2019-11470

Published: Apr 23, 2019

Modified: Aug 4, 2024

PUBLISHED

Description

The cineon parsing component in ImageMagick 7.0.8-26 Q16 allows attackers to cause a denial-of-service (uncontrolled resource consumption) by crafting a Cineon image with an incorrect claimed image size. This occurs because ReadCINImage in coders/cin.c lacks a check for insufficient image data in a file.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://github.com/ImageMagick/ImageMagick/issues/1472

x_refsource_MISC

https://github.com/ImageMagick/ImageMagick/commit/e3cdce6fe12193f235b8c0ae5efe6880a25eb957

x_refsource_MISC

openSUSE-SU-2019:1603

vendor-advisory

x_refsource_SUSE

vendor-advisory

x_refsource_UBUNTU

FEDORA-2019-da4c20882c

vendor-advisory

x_refsource_FEDORA

FEDORA-2019-425a1aa7c9

vendor-advisory

x_refsource_FEDORA

openSUSE-SU-2019:1683

vendor-advisory

x_refsource_SUSE

[debian-lts-announce] 20191021 [SECURITY] [DLA 1968-1] imagemagick security update

mailing-list

x_refsource_MLIST

vendor-advisory

x_refsource_DEBIAN

[debian-lts-announce] 20200818 [SECURITY] [DLA 2333-1] imagemagick security update

mailing-list

x_refsource_MLIST

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.