CVE-2020-27752 - OpenCVE

A flaw was found in ImageMagick in MagickCore/quantum-private.h. An attacker who submits a crafted file that is processed by ImageMagick could trigger a heap buffer overflow. This would most likely lead to an impact to application availability, but could potentially lead to an impact to data integrity as well. This flaw affects ImageMagick versions prior to 7.0.9-0.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact Low

Availability Impact High

User Interaction Required

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:M/Au:N/C:N/I:P/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Imagemagick	Imagemagick

Configuration 1 [-]

OR	cpe:2.3:a:imagemagick:imagemagick::::::::
	cpe:2.3:a:imagemagick:imagemagick::::::::

No data.

References

Link	Providers
https://bugzilla.redhat.com/show_bug.cgi?id=1894226
https://nvd.nist.gov/vuln/detail/CVE-2020-27752
https://www.cve.org/CVERecord?id=CVE-2020-27752

History

No history.

MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2020-12-08T21:57:16

Updated: 2024-08-04T16:18:45.675Z

Reserved: 2020-10-27T00:00:00

Link: CVE-2020-27752

Vulnrichment

No data.

NVD

Status : Modified

Published: 2020-12-08T22:15:18.070

Modified: 2023-11-07T03:20:59.763

Link: CVE-2020-27752

Redhat

Severity : Moderate

Publid Date: 2019-10-04T00:00:00Z

Links: CVE-2020-27752 - Bugzilla

{"containers": {"cna": {"affected": [{"product": "ImageMagick", "vendor": "n/a", "versions": [{"status": "affected", "version": "prior to 7.0.9-0"}]}], "descriptions": [{"lang": "en", "value": "A flaw was found in ImageMagick in MagickCore/quantum-private.h. An attacker who submits a crafted file that is processed by ImageMagick could trigger a heap buffer overflow. This would most likely lead to an impact to application availability, but could potentially lead to an impact to data integrity as well. This flaw affects ImageMagick versions prior to 7.0.9-0."}], "problemTypes": [{"descriptions": [{"cweId": "CWE-122", "description": "CWE-122->CWE-787", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2020-12-08T21:57:16", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1894226"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secalert@redhat.com", "ID": "CVE-2020-27752", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "ImageMagick", "version": {"version_data": [{"version_value": "prior to 7.0.9-0"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A flaw was found in ImageMagick in MagickCore/quantum-private.h. An attacker who submits a crafted file that is processed by ImageMagick could trigger a heap buffer overflow. This would most likely lead to an impact to application availability, but could potentially lead to an impact to data integrity as well. This flaw affects ImageMagick versions prior to 7.0.9-0."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-122->CWE-787"}]}]}, "references": {"reference_data": [{"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1894226", "refsource": "MISC", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1894226"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T16:18:45.675Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1894226"}]}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2020-27752", "datePublished": "2020-12-08T21:57:16", "dateReserved": "2020-10-27T00:00:00", "dateUpdated": "2024-08-04T16:18:45.675Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*", "matchCriteriaId": "AF871999-2D18-46CF-8D3B-39086B5C52C3", "versionEndExcluding": "6.9.11-47", "vulnerable": true}, {"criteria": "cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*", "matchCriteriaId": "010CA5D7-72FB-40D2-B832-30482C376823", "versionEndExcluding": "7.0.9-0", "versionStartIncluding": "7.0.0-0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A flaw was found in ImageMagick in MagickCore/quantum-private.h. An attacker who submits a crafted file that is processed by ImageMagick could trigger a heap buffer overflow. This would most likely lead to an impact to application availability, but could potentially lead to an impact to data integrity as well. This flaw affects ImageMagick versions prior to 7.0.9-0."}, {"lang": "es", "value": "Se encontr\u00f3 un fallo en ImageMagick en el archivo MagickCore/quantum-private.h. Un atacante que env\u00eda un archivo dise\u00f1ado que es procesado por ImageMagick podr\u00eda desencadenar un desbordamiento del b\u00fafer de pila. Esto conllevar\u00eda potencialmente a un impacto en la disponibilidad de la aplicaci\u00f3n, pero tambi\u00e9n podr\u00eda generar un impacto en la integridad de los datos. Este fallo afecta a ImageMagick versiones anteriores a 7.0.9-0"}], "id": "CVE-2020-27752", "lastModified": "2023-11-07T03:20:59.763", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.8, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 4.2, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-12-08T22:15:18.070", "references": [{"source": "secalert@redhat.com", "tags": ["Exploit", "Issue Tracking", "Patch", "Third Party Advisory"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1894226"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-122"}], "source": "secalert@redhat.com", "type": "Primary"}]}

{"acknowledgement": "Red Hat would like to thank Suhwan Song (Seoul National University) for reporting this issue.", "bugzilla": {"description": "ImageMagick: heap-based buffer overflow in PopShortPixel in MagickCore/quantum-private.h", "id": "1894226", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1894226"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.1", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H", "status": "draft"}, "cwe": "CWE-122->CWE-787", "details": ["A flaw was found in ImageMagick in MagickCore/quantum-private.h. An attacker who submits a crafted file that is processed by ImageMagick could trigger a heap buffer overflow. This would most likely lead to an impact to application availability, but could potentially lead to an impact to data integrity as well. This flaw affects ImageMagick versions prior to 7.0.9-0.", "A flaw was found in ImageMagick in MagickCore/quantum-private.h. This flaw allows an attacker who submits a crafted file processed by ImageMagick to trigger a heap buffer overflow. The highest threat from this vulnerability is to system availability and also a potential impact on data integrity."], "name": "CVE-2020-27752", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Out of support scope", "package_name": "ImageMagick", "product_name": "Red Hat Enterprise Linux 5"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "ImageMagick", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "ImageMagick", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "inkscape", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "ImageMagick", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2019-10-04T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2020-27752\nhttps://nvd.nist.gov/vuln/detail/CVE-2020-27752"], "statement": "This flaw is out of support scope for Red Hat Enterprise Linux 5, 6, and 7. Inkscape is not affected because it no longer uses a bundled ImageMagick in Red Hat Enterprise Linux 8. For more information regarding support scopes, please see https://access.redhat.com/support/policy/updates/errata .", "threat_severity": "Moderate", "upstream_fix": "ImageMagick 7.0.9-0"}